CVE-2006-2771 Information

Description

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials which allows remote attackers to delete arbitrary posts via a modified delID parameter.

Reference

http://colander.altervista.org/advisory/HTGuestBook2.txt http://secunia.com/advisories/20402 http://www.securityfocus.com/bid/18205 http://www.vupen.com/english/advisories/2006/2082 https://exchange.xforce.ibmcloud.com/vulnerabilities/26979