header-logo
Suggest Exploit
vendor:
PBLang
by:
SecurityFocus
7.5
CVSS
HIGH
Design Error
863
CWE
Product Name: PBLang
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

PBLang Message Deletion Vulnerability

PBLang is reported to be prone to a vulnerability that can allow a registered user to delete arbitrary personal messages. The vulnerability exists due to a design error leading to a lack of access controls. An attacker can exploit this vulnerability by crafting a malicious URL in the following format: http://www.example.com/pblang/delpm.php?id=[PMID]&a=[Target user name]

Mitigation:

Ensure that access controls are properly implemented and enforced.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12694/info

PBLang is reported prone to a vulnerability that can allow a registered user to delete arbitrary personal messages. The vulnerability exists due to a design error leading to a lack of access controls. 

http://www.example.com/pblang/delpm.php?id=[PMID]&a=[Target user name]