Arbitrary Message Deletion in ASPjar Guestbook 1.00

Arbitrary Message Deletion in ASPjar Guestbook 1.00

CVE-2002-1730 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".

Learn more about our Web Application Penetration Testing UK.