Mavili Guestbook Project Mavili Guestbook — known CVE vulnerabilities
Every CVE whose affected-product data names Mavili Guestbook Project Mavili Guestbook, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2012-5297 — CVSS 7.5 (high): SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote attackers to execute arbitrary SQL…
CVE-2012-5299 — CVSS 7.5 (high): Mavili Guestbook, as released in November 2007, allows remote attackers to edit, delete, and approve arbitrary messages via a direct…
CVE-2012-5298 — CVSS 5.0 (medium): Mavili Guestbook, as released in November 2007, stores guestbook.mdb under the web root with insufficient access control, which allows…
CVE-2012-5296 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote attackers to inject…