Spy Hat

3 exploits Active since Apr 2004
CVE-2004-1952 EXPLOITDB text WRITEUP
Advanced Guestbook 2.2 - SQL Injection via Password Parameter
SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password.
CVE-2005-1548 EXPLOITDB text WRITEUP
Advanced Guestbook 2.3.1 - SQL Injection
SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter.
CVE-2005-1494 EXPLOITDB text WORKING POC
MegaBook 2.0-2.1 - Cross-Site Scripting via entryid or password Parameter
Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) entryid or (2) password parameter.