geoBlog MOD_1.0 deletecomment.php id Variable Remote Arbitrary Comment Deletion

ID SSV:83746
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments.

An attacker may exploit these issues to delete blogs and comments regardless of the security settings. This may aid the attacker in further attacks.

geoBlog v1 is vulnerable to these issues.