2 matches found
CVE-2007-4047
geoBlog aka BitDamaged 1 does not require authentication for 1 deletecomment.php, 2 deleteblog.php, and 3 listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter...
CVE-2007-4047
geoBlog (aka BitDamaged) 1 suffers an unauthenticated privilege issue in admin/ scripts: deletecomment.php, deleteblog.php, and listcomment.php can be invoked with a valid id to delete arbitrary comments/blogs and cause other unspecified impact. Descriptions across NVD and CVE records confirm lac...