Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-1697Cross-site Scripting in Wright Guestbook

4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
1.1%
top 21.82%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Matt Wright Guestbook
Timeline
PublishedApr 11
Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) Your Name, (2) E-Mail, or (3) Comments fields when posting a message.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-j6w5-7wgg-qq7q: Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 22022-05-01
CVEList
CVE-2006-1697: Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 22006-04-11

💥Exploits & PoCs

1
Exploit-DB
Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities2006-04-07
CVE-2006-1697 — Cross-site Scripting | cvebase