The vulnerability of the GLPI system’s request, incident, and inventory management functions, related to improper elimination of special elements used in SQL commands, allows a hacker to modify another user’s account data and gain control over it.

The vulnerability of the GLPI system for requests, incidents, and computer equipment inventory management is related to the improper elimination of certain elements used in SQL commands. Exploiting this vulnerability allows a malicious actor to remotely modify another user’s account data and gain...

CVE-2018-11096

Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely...

CVE-2006-2631

phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfoxuser parameter...

CVE-2001-0839

ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTERACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing...