Hiox India » Guest Book : Security Vulnerabilities, CVEs,
Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php.
Max CVSS
7.5
EPSS Score
7.13%
Published
2007-04-12
Updated
2017-10-11
Cross-site scripting (XSS) vulnerability in index.php in Hiox Guestbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input forms for signing the guestbook.
Max CVSS
6.8
EPSS Score
2.95%
Published
2006-05-22
Updated
2018-10-18
2 vulnerabilities found