Hogstorps Guestbook 2.0 - Unauthorized Access
| EKU-ID: 33193 | CVE: CVE-2006-2771;OSVDB-25930 | OSVDB-ID: |
| Author: omnipresent | Published: 2006-05-01 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 33193 | CVE: CVE-2006-2771;OSVDB-25930 | OSVDB-ID: |
| Author: omnipresent | Published: 2006-05-01 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/18205/info Hogstorps guestbook is prone to an access-authorization vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. An attacker can exploit this issue to delete and modify application data. This could aid in further attacks on the affected computer. Version 2.0 is vulnerable; other versions may also be affected. http://www.example.com/[path_of_application]/admin/radera/tabort.asp?delID=119