Phptoys: Security Vulnerabilities
Micro Login System 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a password via a direct request for userpwd.txt.
CVSS Score
5.0
EPSS Score
0.003
Published
2007-11-01
Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote attackers to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields.
CVSS Score
4.3
EPSS Score
0.006
Published
2006-07-25