2 matches found
CVE-2002-1410
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to 1 delete entries via direct access of admin.cgi, or 2 reconfigure Guestbook via direct access of config.cgi...
Easy Guestbook Vulnerabilities
AresU Advisory 19/July/2002 Easy Guestbook Vulnerabilities Severity : High Possible to edit member homepage Systems Affected: Easy Guestbook v1.0 Vendor URL : http://www.easyscripts.co.uk Vuln Type : It does not use Access Validation to delete the entries and login as Admin Control. Author : Ares...