2009-12-29 20:15:00
mitre
PUBLISHED
Jax Guestbook 3.5.0 allows remote attackers to bypass authentication and modify administrator settings via a direct request to admin/guestbook.admin.php.