Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0383

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2009-0383
Last Modified 02 Feb 2009 12:00:00
Published 02 Feb 2009 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0383

Summary

delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.

Vulnerable Systems

Application

  • Mzbservices Max.blog 1.0.6


References

CONFIRM - http://www.mzbservices.com/show_post.php?id=72

SECUNIA - 33590

XF - maxblog-delete-security-bypass(48125)

BID - 33368

MILW0RM - 7835

OSVDB - 51482


Last Updated: 27 May 2016 10:50:14