10 lines
No EOL
465 B
Text
Executable file
10 lines
No EOL
465 B
Text
Executable file
source: http://www.securityfocus.com/bid/19437/info
|
|
|
|
Simple one-file guestbook is prone to a security-bypass vulnerability. An attacker can bypass authentication measures by using a specific URL to delete all guestbook entries.
|
|
|
|
Version 1.0 of Simple one-file guestbook is vulnerable. Other versions may be affected as well.
|
|
|
|
#Simple One-File Guestbook Adminstrator Credential Bypass
|
|
#Proof of Concept URL
|
|
|
|
http://www.example.com/[path]/guestbook.php?id=4 |