comments.php in Simplog 0.9.3.2, and possibly earlier, does not properly restrict access, which allows remote malicious users to edit or delete comments via the (1) edit or (2) del action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simplog simplog 0.9.3.2 |