Vulnerability Description
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aspjar | Aspjar Guestbook | 1.0 |
References
- http://online.securityfocus.com/archive/82/270970
- http://www.ifrance.com/kitetoua/tuto/5holes4.txtVendor Advisory
- http://www.securityfocus.com/bid/4671
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9006
- http://online.securityfocus.com/archive/82/270970
- http://www.ifrance.com/kitetoua/tuto/5holes4.txtVendor Advisory
- http://www.securityfocus.com/bid/4671
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9006
FAQ
What is CVE-2002-1730?
CVE-2002-1730 is a vulnerability with a CVSS score of 5.0 (MEDIUM). ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
How severe is CVE-2002-1730?
CVE-2002-1730 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1730?
Check the references section above for vendor advisories and patch information. Affected products include: Aspjar Aspjar Guestbook.