Vulnerabilities > Xeobook
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-13 | CVE-2006-5287 | SQL Injection vulnerability in Xeobook 0.93 Multiple SQL injection vulnerabilities in sign.php in Xeobook 0.93 allow remote attackers to execute arbitrary SQL commands via (1) the User-Agent HTTP header, or the (2) gb_entry_text, (3) gb_location, (4) gb_fullname, or (5) gb_sex parameters. | 5.1 |
2005-10-23 | CVE-2005-3292 | HTML Injection vulnerability in Xeobook 0.93 Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 allow remote attackers to inject arbitrary web script or HTML via Javascript events in tages such as <b>. network xeobook | 4.3 |