admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Hogstorp_guestbook |
Hogstorps |
2.0 |
2.0 |
References