VULHUB ™

Active PHP Bookmarks (APB) is prone to a vulnerability which may allow a remote attacker to add bookmarks arbitrarily. The user ID is stored in a hidden form field of the add_bookmark form. An attacker may submit this form with an arbitrary value in the appropriate form field. This will permit the remote attacker to add bookmarks for any user.

Active PHP Bookmarks (APB) is prone to a vulnerability which may allow a remote attacker to add bookmarks arbitrarily. The user ID is stored in a hidden form field of the add_bookmark form. An attacker may submit this form with an arbitrary value in the appropriate form field. This will permit the remote attacker to add bookmarks for any user.