CVE-2014-1620

EUVD-2014-1695
Multiple cross-site scripting (XSS) vulnerabilities in add.php in HIOX Guest Book (HGB) 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name1, (2) email, or (3) cmt parameter.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
hioxhiox_guest_book
5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/101844
http://packetstormsecurity.com/files/124681/Hiox-Guest-Book-5.0-Cross-Site-Scripting.html
http://www.securityfocus.com/bid/64683
https://exchange.xforce.ibmcloud.com/vulnerabilities/90156
http://osvdb.org/101844
http://packetstormsecurity.com/files/124681/Hiox-Guest-Book-5.0-Cross-Site-Scripting.html
http://www.securityfocus.com/bid/64683
https://exchange.xforce.ibmcloud.com/vulnerabilities/90156