Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dmsguestbook Subscribe
Filtered by product Dmsguestbook
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0616 2 Dmsguestbook, Wordpress 2 Dmsguestbook, Wordpress 2018-10-15 6.5 MEDIUM N/A
SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
CVE-2008-0615 2 Dmsguestbook, Wordpress 2 Dmsguestbook, Wordpress 2018-10-15 4.0 MEDIUM N/A
Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters.