RSS   Vulnerabilities for 'Cuteflow'   RSS

2009-08-25
 
CVE-2009-2960

CWE-264
 

 
CuteFlow 2.10.3 and 2.11.0_c does not properly restrict access to pages/edituser.php, which allows remote attackers to modify usernames and passwords via a direct request.

 


Copyright 2024, cxsecurity.com

 

Back to Top