Simple.PHP.Blog.Arbitrary.File.Deletion
Description
It indicates a possible exploit of a vulnerability in Simple PHP Blog.
Simple PHP Blog could allow a remote attacker to delete arbitrary files, as a result of a vulnerability in the comment_delete_cgi.php script. A remote attacker could send a specially-crafted request to the comment_delete_cgi.php script using the comment parameter to delete arbitrary files on the system or reset the administrator username and password by accessing the install03_cgi.php script.
Affected Products
Alexander Palmo Simple PHP Blog 0.4
Impact
Arbitrary File Deletion.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |