RSS   Vulnerabilities for 'Wwwguestbook'   RSS

2005-05-03
 
CVE-2005-1429

 

 
SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter.

 
2004-12-31
 
CVE-2004-2428

 

 
Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the plaintext username and password.

 


Copyright 2024, cxsecurity.com

 

Back to Top