2 matches found
CVE-2007-0681
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php...
CVE-2007-0681
CVE-2007-0681 affects ExtCalendar 2 and earlier. The vulnerability: profile.php lets remote attackers change arbitrary users’ passwords without the original password by submitting modified values to register.php, potentially enabling other unauthorized actions. Impact is noted as high/critical (C...