GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion

Author: joseph.giron13
type: webapps
platform: php
port: 
date_added: 2007-07-19  
date_updated: 2013-12-16  
verified: 1  
codes: CVE-2007-4047;OSVDB-42485  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 30320.txt  

source: https://www.securityfocus.com/bid/24966/info

geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments.

An attacker may exploit these issues to delete blogs and comments regardless of the security settings. This may aid the attacker in further attacks.

geoBlog v1 is vulnerable to these issues.

http://www.example.com/blog/admin/deletecomment.php?id=16