PT-2003-1157 · Unknown · Syguestbook

Published

2003-03-18

Updated

2008-09-05

CVE-2002-1410

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy Guestbook (affected versions not specified)

Description The issue concerns a lack of authentication for administrators in Easy Guestbook CGI programs. This allows remote attackers to perform certain actions without proper authorization. Specifically, attackers can delete entries by directly accessing the admin.cgi endpoint or reconfigure the Guestbook by directly accessing the config.cgi endpoint.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1410

Affected Products

Syguestbook

PT-2003-1157 · Unknown · Syguestbook

CVE-2002-1410

Related Identifiers

Affected Products

References · 5