Aspjar: >> Aspjar Guestbook Security Vulnerabilities
SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-04-27
Unknown vulnerability in the delete.asp program in certain versions of ASPjar Guestbook allows remote attackers to delete messages. NOTE: there is insufficient information to know if this is the same issue as CVE-2002-1730.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-04-27
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
CVSS Score
6.8
EPSS Score
0.01
Published
2002-12-31
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
CVSS Score
5.0
EPSS Score
0.004
Published
2002-12-31