Vulnerabilities > CVE-2006-0604 - Input Validation vulnerability in Hinton Design PHPhg Guestbook 1.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

hinton-design

NVD

Published: 2006-02-08

Updated: 2018-10-19

Summary

check.php in Hinton Design phphg Guestbook 1.2 does not check the user password when authenticating via cookies, which allows remote attackers to gain unauthorized access.

Vulnerable Configurations

Part	Description	Count
Application	Hinton_Design Hinton Design Phphg Guestbook 1.2	1

Packetstorm

data source	https://packetstormsecurity.com/files/download/43751/EV0058.txt
id	PACKETSTORM:43751
last seen	2016-12-05
published	2006-02-13
reporter	Aliaksandr Hartsuyeu
source	https://packetstormsecurity.com/files/43751/EV0058.txt.html
title	EV0058.txt

References

http://evuln.com/vulns/58/description.html
http://secunia.com/advisories/18758
http://securitytracker.com/id?1015620
http://www.securityfocus.com/archive/1/424740/100/0/threaded
http://www.securityfocus.com/bid/16541
http://www.vupen.com/english/advisories/2006/0480