Virtual Design Studios Vlbook vulnerabilities
3 known vulnerabilities affecting virtual_design_studios/vlbook.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-2073P3HIGHCVSS 7.5PoCv1.212008-05-05
CVE-2008-2073 [HIGH] CWE-22 CVE-2008-2073: Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 all
Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter.
nvd
CVE-2008-2072P4MEDIUMCVSS 4.3PoCv1.212008-05-05
CVE-2008-2072 [MEDIUM] CVE-2008-2072: Cross-site scripting (XSS) vulnerability in index.php in Virtual Design Studio vlbook 1.21 allows re
Cross-site scripting (XSS) vulnerability in index.php in Virtual Design Studio vlbook 1.21 allows remote attackers to inject arbitrary web script or HTML via the l parameter, a different vector than CVE-2006-3260.
nvd
CVE-2006-3260P4MEDIUMCVSS 4.3v1.0.22006-06-27
CVE-2006-3260 [MEDIUM] CVE-2006-3260: Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inje
Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
nvd