MidnightBSD

Advisories for levcgi.com

CVE-2002-0732 HIGH

Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as (1) user name or (2) comments.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
levcgi.com myguestbook 1.0
CVE-2003-1241 MEDIUM

Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
levcgi.com myguestbook 3.0
CVE-2005-2162 MEDIUM

PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
levcgi.com myguestbook 0.6.1