CVE-2007-1360

CVE-2007-1360 affects the Nodefamily module for Drupal 5.x, specifically versions before 5.x-1.0. The description reports an unspecified vulnerability that allows remote authenticated users to access and modify other users’ profiles via unspecified URL parameters. The available data do not specif...

CVE-2007-0697

CVE-2007-0697 affects the ACGVannu web application (version 1.3 and earlier). The issue is a logic flaw in index2.php related to a modified id parameter (referenced by templates/modif.html) that allows remote attackers to change a user’s password or profile. The available sources report this as a...

CVE-2007-0516

CVE-2007-0516 affects the Yana Framework prior to 2.8.5a. Remote authenticated users with permissions to modify a guestbook profile can modify or delete arbitrary guestbook profiles via unspecified vectors. The vulnerability implies integrity impact (partial) and potential system exposure at the ...

CVE-2002-1659

userprofile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the userid variable...

phpBB/gender mod allows get admin privilege, exploit/patch

Annoucement: Sua loi thay doi quyen user trong phpbb2.x In phpBB with the official Gender Mod, this vuln allows a normal user set her/himself to become a forum administrator. Nguoi viet/Author: PTTrung http://hackervn.net caothuvolam http://viethacker.net langtuhaohoa [email protected]...

CVE-2002-0293

FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file...

CVE-2002-0293

FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file...