Filtered by vendor Emefa
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5852 | 1 Emefa | 1 Emefa Guestbook | 2017-09-28 | 5.0 MEDIUM | N/A |
| Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb. | |||||
| CVE-2005-2650 | 1 Emefa | 1 Emefa Guestbook | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters. | |||||