Unrated severityNVD Advisory· Published Jul 25, 2006· Updated Apr 16, 2026

CVE-2006-3837

Description

delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout.

Affected products

Professional Home Page Tools/Professional Home Page Tools Guestbook
cpe:2.3:a:professional_home_page_tools:professional_home_page_tools_guestbook:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/21102nvdVendor Advisory
artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txtnvd
securityreason.com/securityalert/1275nvd
www.securityfocus.com/archive/1/440421/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/27775nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000