CVE-2009-2960

Metadata

CVE-2009-2960
7.5
securityfocus.com, securityfocus.com
2009-08-25
2017-06-06 20:20

Description

CuteFlow 2.10.3 and 2.11.0_c does not properly restrict access to pages/edituser.php, which allows remote attackers to modify usernames and passwords via a direct request.

Related Vulnerabilities