← volver
CVE-2007-4047

CVE-2007-4047

EPSS 3.3%
geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter.
Productos afectados
n/a · n/a
PoCs públicas encontradas2
exploitdbwww.exploit-db.com/exploits/30321no verificadoexploitdbwww.exploit-db.com/exploits/30320no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://osvdb.org/42485http://osvdb.org/42486http://osvdb.org/42487http://securityreason.com/securityalert/2934https://exchange.xforce.ibmcloud.com/vulnerabilities/35494http://www.securityfocus.com/archive/1/474127/100/0/threadedhttp://www.securityfocus.com/bid/24966