PBLang Bulletin Board System 4.x - 'DelPM.php' Arbitrary Personal Message Deletion
| EKU-ID: 30535 | CVE: | OSVDB-ID: |
| Author: Raven | Published: 2005-03-01 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30535 | CVE: | OSVDB-ID: |
| Author: Raven | Published: 2005-03-01 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12694/info PBLang is reported prone to a vulnerability that can allow a registered user to delete arbitrary personal messages. The vulnerability exists due to a design error leading to a lack of access controls. http://www.example.com/pblang/delpm.php?id=[PMID]&a=[Target user name]