Alexphpteam » Alex Guestbook : Security Vulnerabilities, CVEs, Published In 2006
index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain sensitive information via a skin parameter referencing a nonexistent skin, which reveals the installation path in an error message.
Max CVSS
5.0
EPSS Score
0.91%
Published
2006-12-04
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in index.php in @lex Guestbook 4.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.
Max CVSS
6.8
EPSS Score
2.41%
Published
2006-12-04
Updated
2018-10-17
2 vulnerabilities found