- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 28362
- Проверка EDB
-
- Пройдено
- Автор
- OMNIPRESENT
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-4122
- Дата публикации
- 2006-08-09
Код:
source: https://www.securityfocus.com/bid/19437/info
Simple one-file guestbook is prone to a security-bypass vulnerability. An attacker can bypass authentication measures by using a specific URL to delete all guestbook entries.
Version 1.0 of Simple one-file guestbook is vulnerable. Other versions may be affected as well.
#Simple One-File Guestbook Adminstrator Credential Bypass
#Proof of Concept URL
http://www.example.com/[path]/guestbook.php?id=4- Источник
- www.exploit-db.com
