exploitDog

GHSA-rcq7-x45j-38jc

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.

delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.

Ссылки

EPSS

Процентиль: 92%

0.08874

Низкий

CVE ID

Связанные уязвимости

CVE-2009-0383

nvd

около 17 лет назад

delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.

EPSS

Процентиль: 92%

0.08874

Низкий

CVE ID