VYPR

Mcguestbook

by Mcguestbook

CVEs (3)

  • CVE-2006-3175Jun 23, 2006
    risk 0.04cvss epss 0.09

    Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2.…

  • CVE-2005-2162Jul 6, 2005
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter.

  • CVE-2003-1241Dec 31, 2003
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web…