VYPR

Pbl Guestbook

by Pbl Guestbook

CVEs (2)

  • CVE-2007-1933Apr 10, 2007
    risk 0.04cvss epss 0.06

    Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.

  • CVE-2006-2975Jun 12, 2006
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS…