CVE-2007-1925

The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:tru-zone:nukeet:*:*:*:*:*:*:*:*

Information

Published : 2007-04-10 16:19

Updated : 2017-07-28 18:31


NVD link : CVE-2007-1925

Mitre link : CVE-2007-1925


JSON object : View

Advertisement

dedicated server usa

Products Affected

tru-zone

  • nukeet