Simple one-file GuestBook 1.0

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Simple one-file GuestBook 1.0
From: omnipresent@xxxxxxxx
Date: 9 Aug 2006 13:10:49 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

.:. Simple one-file guestbook 1.0 .:.

Date:
-----

August 08, 2006 

Vendor:
-------

http://www.xeroxer.com/index.php?page=3

Description:
------------

This is my simple one-file guestbook.
It's made of one .php file (the script) and one .txt file (the entrystorage 
file).
It uses no database just a flat textfile.
It is made so it's easy to include in any page.
It has admin login where you can edit and remove entrys.
Demo can be found at: 
http://php.xeroxer.com/simple_one-file_guestbook/demo/guestbook.php
Any help needed please mail me at: webmaster@xxxxxxxxxxx

Version:
--------

<= 1.0

Vulnerability(ies) / Exploit(s):
--------------------------------

I malicious people can Bypass Administrator Pannel to delete all of the 
messages in the GuestBook because there is no control
about admin credential.

PoC(s):
-------

An attacker can use this URL via the browser to delete all messages:

http://host/[path]/guestbook.php?id=4


Vendor Status:
--------------

[August 08, 2006] Informed!

Solution:
---------

[August 08, 2006] No solution available from the vendor.

You can edit the source code and control the administratior credential.

Credit:
-------
omnipresent
omnipresent[at]email[dot]it
http://it.security.netsons.org

Prev by Date: CGI Script Source Code Disclosure Vulnerability in Apache for Windows
Next by Date: Dragonfly CMS 9.0.6.1 and prior XSS
Previous by thread: Re: Re: CGI Script Source Code Disclosure Vulnerability in Apache for Windows
Next by thread: Dragonfly CMS 9.0.6.1 and prior XSS
Index(es):
- Date
- Thread