Free PHP VX Guestbook Cookie Authentication Bypass And Information Disclosure Vulnerabilities

Free PHP VX Guestbook is prone to an authentication-bypass vulnerability and an information-disclosure vulnerability.

An attacker can exploit the authentication-bypass vulnerability to gain administrative access to the affected application. The attacker can exploit the information-disclosure issue to download the application's database.

Free PHP VX Guestbook 1.6 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus