Phpversion: Security Vulnerabilities
An authenticated SQL injection vulnerability in VX Guestbook 1.07 allows attackers with admin access to inject malicious SQL payloads via the "word" POST parameter in the words.php admin panel.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-09-04
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php.
CVSS Score
5.0
EPSS Score
0.041
Published
2009-08-19
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1.
CVSS Score
7.5
EPSS Score
0.017
Published
2009-08-19