RSS   Vulnerabilities for 'Phpbb advanced guestbook'   RSS

2007-03-02
 
CVE-2006-7077

 

 
SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to execute arbitrary SQl commands via the entry parameter.

 
 
CVE-2006-7076

 

 
Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced Guestbook 2.4 for phpBB allows remote attackers to inject arbitrary web script or HTML via the entry parameter. NOTE: this issue might be resultant from SQL injection.

 
2006-05-03
 
CVE-2006-2152

 

 
PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.

 

 >>> Vendor: Phpbb group 6 Products
Phpbb
Phpbb plus
Phpbb-auction
Phpbb toplist
Phpbb advanced guestbook
Vitrax premodded phpbb


Copyright 2024, cxsecurity.com

 

Back to Top