CVE-2007-1925

2007-04-10T19:19:00
ID CVE-2007-1925
Type cve
Reporter NVD
Modified 2017-07-28T21:31:08

Description

The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie.