Vulnerabilities (CVE)

Filtered by vendor Creative Guestbook Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1480 1 Creative Guestbook 1 Creative Guestbook 2024-02-28 7.5 HIGH N/A
Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
CVE-2007-1479 1 Creative Guestbook 1 Creative Guestbook 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.