RSS   Podatności dla 'Aspjar guestbook'   RSS

2005-04-27
 
CVE-2005-0424

 

 
Unknown vulnerability in the delete.asp program in certain versions of ASPjar Guestbook allows remote attackers to delete messages. NOTE: there is insufficient information to know if this is the same issue as CVE-2002-1730.

 
 
CVE-2005-0423

 

 
SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field.

 
2002-12-31
 
CVE-2002-1730

 

 
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".

 
 
CVE-2002-1729

 

 
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.

 


Copyright 2024, cxsecurity.com

 

Back to Top