RSS   Vulnerabilities for 'Template monster clone'   RSS

2009-05-22
 
CVE-2009-1767

CWE-264
 

 
admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter.

 

 >>> Vendor: 2daybiz 13 Products
Auction script
Business community script
Template monster clone
Custom t-shirt design script
Polls script
Video community portal script
Web template software
Multi level marketing software
Matrimonial script
Job search engine script
Job site script
Network community script
Online classified script


Copyright 2024, cxsecurity.com

 

Back to Top