logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2010-5093

Description

Member_ProfileForm in security/Member.php in SilverStripe 2.3.x before 2.3.7 allows remote attackers to hijack user accounts by saving data using the email address (ID) of another user.


Affected Software


CPE Name Name Version
silverstripe:silverstripe silverstripe 2.3.0
silverstripe:silverstripe silverstripe 2.3.0
silverstripe:silverstripe silverstripe 2.3.0
silverstripe:silverstripe silverstripe 2.3.5
silverstripe:silverstripe silverstripe 2.3.1
silverstripe:silverstripe silverstripe 2.3.1
silverstripe:silverstripe silverstripe 2.3.2
silverstripe:silverstripe silverstripe 2.3.3
silverstripe:silverstripe silverstripe 2.3.4
silverstripe:silverstripe silverstripe 2.3.0
silverstripe:silverstripe silverstripe 2.3.1
silverstripe:silverstripe silverstripe 2.3.6