Vulnerabilities > CVE-2007-4047 - Unspecified vulnerability in Geoblog 1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

geoblog

exploit available

NVD

Published: 2007-07-27

Updated: 2024-11-21

Summary

geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Geoblog Geoblog Geoblog 1	1

Exploit-Db

description	geoBlog MOD_1.0 deletecomment.php id Variable Remote Arbitrary Comment Deletion. CVE-2007-4047. Webapps exploit for php platform
id	EDB-ID:30320
last seen	2016-02-03
modified	2007-07-19
published	2007-07-19
reporter	joseph.giron13
source	https://www.exploit-db.com/download/30320/
title	geoBlog MOD_1.0 deletecomment.php id Variable Remote Arbitrary Comment Deletion

description	geoBlog MOD_1.0 deleteblog.php id Variable Remote Arbitrary Blog Deletion. CVE-2007-4047. Webapps exploit for php platform
id	EDB-ID:30321
last seen	2016-02-03
modified	2007-07-19
published	2007-07-19
reporter	joseph.giron13
source	https://www.exploit-db.com/download/30321/
title	geoBlog MOD_1.0 deleteblog.php id Variable Remote Arbitrary Blog Deletion

Summary

Vulnerable Configurations

Exploit-Db

References