Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter.
References
Configurations
History
No history.
Information
Published : 2006-02-23 23:02
Updated : 2024-02-04 16:52
NVD link : CVE-2006-0859
Mitre link : CVE-2006-0859
CVE.ORG link : CVE-2006-0859
JSON object : View
Products Affected
michael_salzer
- guestbox
CWE
CWE-264
Permissions, Privileges, and Access Controls