6.7 Medium
AI Score
Confidence
High
0.028 Low
EPSS
Percentile
90.7%
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.
osvdb.org/51482
secunia.com/advisories/33590
www.mzbservices.com/show_post.php?id=72
www.securityfocus.com/bid/33368
exchange.xforce.ibmcloud.com/vulnerabilities/48125
www.exploit-db.com/exploits/7835