admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2010-03-05 18:30
Updated : 2024-02-28 11:41
NVD link : CVE-2009-4674
Mitre link : CVE-2009-4674
CVE.ORG link : CVE-2009-4674
JSON object : View
Products Affected
mole-group
- bus_ticket_script
- sky_hunter_airline_ticket_sale_script
CWE
CWE-255
Credentials Management Errors