Enthrallweb eClassifieds 1.0 - Remote User Pass Change Exploit

No description provided by source. form action=target/myprofile.asp method=POST name=form2 p /p table align=center cellpadding=1 cellspacing=1 tr valign=baseline td align=right nowrap class=title Change Profile=Username input type=text name=MMrecordId value=ajann /td td input type=text...

CVE-2006-6822

myprofile.asp in Enthrallweb eClassifieds does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...

CVE-2006-6821

myprofile.asp in Enthrallweb eNews does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...

CVE-2006-6820

The CVE-2006-6820 issue concerns Enthrallweb eCoupons, where myprofile.asp does not properly validate the MM_recordId parameter during profile updates. This allows remote authenticated users to modify certain profile fields of another account by supplying that account’s username in a modified MM_...

CVE-2006-6821

myprofile.asp in Enthrallweb eNews does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...

CVE-2006-6820

myprofile.asp in Enthrallweb eCoupons does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...

CVE-2006-6822

Vulnerability : In Enthrallweb eClassifieds, myprofile.asp does not properly validate the MM_recordId parameter during profile updates. This allows remote authenticated users to modify certain profile fields of another account by supplying that account’s username in a modified MM_recordId value. ...

Enthrallweb eCoupons 1.0 - myprofile.asp Remote Pass Change

Enthrallweb eCoupons 1.0 - myprofile.asp Remote Pass Change PASSWORD: Change Profile UserName= FIRST: LAST:...

Enthrallweb eCoupons 1.0(myprofile.asp) Remote Pass Change Exploit

No description provided by source. form action="target/myprofile.asp" method="POST" name="form2" p/p table align="center" cellpadding="1" cellspacing="1" tr valign="baseline" td align="right" nowrap class="title"strongfont face="Verdana, Arial, Helvetica, sans-serif"PASSWORD:/font/strong/td Chang...

Enthrallweb eClassifieds 1.0 Remote User Pass Change Exploit

No description provided by source. form action="target/myprofile.asp" method="POST" name="form2" p/p table align="center" cellpadding="1" cellspacing="1" tr valign="baseline" td align="right" nowrap class="title" Change Profile=Username input type="text" name="MMrecordId" value="ajann" /td td inp...