Hogstorps Guestbook 2.0 - Unauthorized Access

EDB-ID:

27932




Platform:

ASP

Date:

2006-05-01


source: https://www.securityfocus.com/bid/18205/info

Hogstorps guestbook is prone to an access-authorization vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. 

An attacker can exploit this issue to delete and modify application data. This could aid in further attacks on the affected computer.

Version 2.0 is vulnerable; other versions may also be affected.

http://www.example.com/[path_of_application]/admin/radera/tabort.asp?delID=119