Critical severity9.8NVD Advisory· Published Sep 25, 2009· Updated Jun 16, 2026
CVE-2009-3421
CVE-2009-3421
Description
login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the login_ok parameter to 1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:zenas:pao-bacheca_guestbook:2.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:zenas:pao-bacheca_guestbook:2.1:*:*:*:*:*:*:*
- (no CPE)range: =2.1
Patches
Vulnerability mechanics
References
4- www.osvdb.org/56757nvdBroken LinkExploit
- secunia.com/advisories/36023nvdBroken LinkVendor Advisory
- www.exploit-db.com/exploits/9293nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/52100nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.