PT-2006-3690 · Hogstorps · Hogstorps Hogstorp Guestbook
Published
2006-06-02
·
Updated
2017-07-20
·
CVE-2006-2771
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Hogstorps hogstorp guestbook version 2.0
Description
The issue concerns the "admin/radera/tabort.asp" endpoint in Hogstorps hogstorp guestbook, which fails to verify user credentials. This allows remote attackers to delete arbitrary posts by modifying the delID parameter.
Recommendations
For Hogstorps hogstorp guestbook version 2.0, consider restricting access to the "admin/radera/tabort.asp" endpoint until a proper fix is implemented that verifies user credentials before allowing post deletion. As a temporary workaround, avoid using the delID parameter in the affected endpoint to minimize the risk of exploitation.
Exploit
Fix
Found a problem in the description? Have something to add? Feel free to write to us 👾
Related identifiers
Affected products
Hogstorps Hogstorp Guestbook