
CVSS: 7.5 | EPSS: 1% | CPEs: 1 | EXPL: 1

Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.

• https://www.exploit-db.com/exploits/3489
• http://osvdb.org/34234
• http://secunia.com/advisories/24536
• https://exchange.xforce.ibmcloud.com/vulnerabilities/33014
• CWE-287: Improper Authentication

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 1

Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

• https://www.exploit-db.com/exploits/3489
• http://osvdb.org/34233
• http://secunia.com/advisories/24536
• https://exchange.xforce.ibmcloud.com/vulnerabilities/33015

CVSS: 7.5 | EPSS: 1% | CPEs: 1 | EXPL: 7

Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (2) forum_id parameter to (b) DiscView.php or (c) Discussions.php, (3) event_id parameter to (d) EventView.php, (4) AddVote and (5) answer_id parameter to (e) PollResults.php, or (7) mid parameter to (f) DiscReply.php.

• https://www.exploit-db.com/exploits/27833
• https://www.exploit-db.com/exploits/27836
• https://www.exploit-db.com/exploits/27831
• https://www.exploit-db.com/exploits/27832
• https://www.exploit-db.com/exploits/27835
• https://www.exploit-db.com/exploits/27834
• http://pridels0.blogspot.com/2006/05/creative-community-portal-vuln.html
• http://secunia.com/advisories/19999
• http://www.osvdb.org/25307
• http://www.osvdb.org/25308
• http://www.osvdb.org/25309
• http://www.osvdb&#