CVE-2009-4674

admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mole-group:bus_ticket_script:-:*:*:*:*:*:*:*
cpe:2.3:a:mole-group:sky_hunter_airline_ticket_sale_script:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-03-05 18:30

Updated : 2024-02-28 11:41


NVD link : CVE-2009-4674

Mitre link : CVE-2009-4674

CVE.ORG link : CVE-2009-4674


JSON object : View

Products Affected

mole-group

  • bus_ticket_script
  • sky_hunter_airline_ticket_sale_script
CWE
CWE-255

Credentials Management Errors