Vulnerabilities > Michael Salzer

DATE	CVE	VULNERABILITY TITLE	RISK
2006-02-23	CVE-2006-0861	Information Exposure vulnerability in Michael Salzer Guestbox 0.6 Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the source IP addresses of guestbook entries via a direct request to /gb/gblog. network low complexity michael-salzer CWE-200	5.0
2006-02-23	CVE-2006-0860	Cross-Site Scripting vulnerability in Michael Salzer Guestbox 0.6 Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags that follow a "http://" string, which bypasses a regular expression check, and (2) other unspecified attack vectors. network michael-salzer CWE-79	4.3
2006-02-23	CVE-2006-0859	Permissions, Privileges, and Access Controls vulnerability in Michael Salzer Guestbox 0.6 Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter. network low complexity michael-salzer CWE-264	5.0

Vulnerabilities > Michael Salzer {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Michael Salzer"}]}