Hogstorps Guestbook 2.0 - Unauthorized Access

Author: omnipresent
type: webapps
platform: asp
port: 
date_added: 2006-05-01  
date_updated: 2013-08-29  
verified: 1  
codes: CVE-2006-2771;OSVDB-25930  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 27932.txt  

source: https://www.securityfocus.com/bid/18205/info

Hogstorps guestbook is prone to an access-authorization vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials.

An attacker can exploit this issue to delete and modify application data. This could aid in further attacks on the affected computer.

Version 2.0 is vulnerable; other versions may also be affected.

http://www.example.com/[path_of_application]/admin/radera/tabort.asp?delID=119