CVE-2005-0915

Name of the Vulnerable Software and Affected Versions Webmasters-Debutants WD Guestbook version 2.8

Description The issue allows remote attackers to bypass authentication and perform certain administrator actions. This can be achieved via a direct HTTP POST request to API endpoints such as "ajout admin2.php" or "suppr.php".

Recommendations For Webmasters-Debutants WD Guestbook version 2.8, consider restricting access to the "ajout admin2.php" and "suppr.php" API endpoints until a patch is available. As a temporary workaround, limit the ability to perform administrator actions to mitigate the risk of exploitation.