Syguestbook A5 Project : Security vulnerabilities, CVEs xss, cross site scripting

Copy

CVE-2019-13950

index.php?c=admin&a=index in SyGuestBook A5 Version 1.2 has stored XSS via a reply to a comment.

Max CVSS

5.4

EPSS Score

0.07%

Published

2019-07-18

Updated

2019-07-19

CVE-2019-13948

SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData function in include/functions.php does not properly block XSS payloads, as demonstrated by a crafted use of the onerror attribute of an IMG element.

Max CVSS

5.4

EPSS Score

0.07%

Published

2019-07-18

Updated

2019-07-19

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!