CVE-2006-4580

2007-01-0320:00:00

flexera

www.cve.org

AI Score

6.8

Confidence

Low

EPSS

0.017

Percentile

88.0%

JSON

register.php in The Address Book 1.04e allows remote attackers to bypass the “Allow User Self-Registration” setting and create arbitrary users by setting the mode parameter to “confirm”.

References

osvdb.org/32561

secunia.com/advisories/21694

secunia.com/secunia_research/2006-76/advisory/

www.securityfocus.com/bid/21870

exchange.xforce.ibmcloud.com/vulnerabilities/31249