Vulnerabilities > Steveyolam > Tinyguestbook > 10.2010
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-23 | CVE-2011-5201 | SQL Injection vulnerability in Steveyolam Tinyguestbook 10.2010 Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. | 7.5 |
2012-09-23 | CVE-2011-5199 | Cross-Site Scripting vulnerability in Steveyolam Tinyguestbook 10.2010 Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |