Description
Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) entryid or (2) password parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Spy Hat · textwebappscgi
https://www.exploit-db.com/exploits/25622
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/20669
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13522
Exploit mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/397809
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111531609618182&w=2
Scores
EPSS
0.0042
EPSS Percentile
61.8%
Details
Status
published
Products (2)
megabook/megabook
2.0
megabook/megabook
2.1
Published
May 11, 2005
Tracked Since
Feb 18, 2026