3 matches found
CVE-2009-2328
admin/edituser.php in KerviNet Forum 1.1 and earlier does not require administrative authentication, which allows remote attackers to delete arbitrary accounts and conduct SQL injection attacks via the deluserid parameter...
CVE-2009-2328
CVE-2009-2328 affects KerviNet Forum versions 1.1 and earlier. The issue is in admin/edit_user.php which does not require administrative authentication, enabling remote attackers to delete arbitrary user accounts and perform SQL injection via the del_user_id parameter. The available connected doc...
CVE-2009-2328
creationtimestamp| type| source ---|---|--- 2009-07-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9068...