Creative Guestbook: Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
CVSS Score
4.3
EPSS Score
0.039
Published
2007-03-16
Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
CVSS Score
7.5
EPSS Score
0.067
Published
2007-03-16