VULHUB ™

In some cases MyGuestbook relies solely on the existence of a cookie token rather than the contents of the cookie when determining the authenticity of a user. The attacker may gain unauthorized access to administrative pages without the software sufficiently checking the properties of the local cookie. This vulnerability has been reported for MyGuestbook version 3.0, previous versions may also be affected.

In some cases MyGuestbook relies solely on the existence of a cookie token rather than the contents of the cookie when determining the authenticity of a user. The attacker may gain unauthorized access to administrative pages without the software sufficiently checking the properties of the local cookie. This vulnerability has been reported for MyGuestbook version 3.0, previous versions may also be affected.