MidnightBSD

Advisories for mzbservices

CVE-2009-0383 MEDIUM

delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mzbservices max.blog 1.0.6