Vulnerabilities > Esoftpro > Online Guestbook PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-11-01 | CVE-2010-4996 | SQL Injection vulnerability in Esoftpro Online Guestbook PRO 5.1 SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | 7.5 |
| 2010-07-12 | CVE-2009-4935 | SQL Injection vulnerability in Esoftpro Online Guestbook PRO SQL injection vulnerability in ogp_show.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter. | 7.5 |
| 2009-07-13 | CVE-2009-2448 | Cross-Site Scripting vulnerability in Esoftpro Online Guestbook PRO 5.1 Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Guestbook Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via the search_choice parameter. | 4.3 |
| 2009-07-13 | CVE-2009-2447 | Cross-Site Scripting vulnerability in Esoftpro Online Guestbook PRO 5.1 Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in Online Guestbook Pro 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) display parameter. | 4.3 |
| 2009-07-13 | CVE-2009-2441 | Cross-Site Scripting vulnerability in Esoftpro Online Guestbook PRO 5.1 Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Guestbook Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter. | 4.3 |