admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:10
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.exploit-db.com/exploits/8774 - | |
References | () http://www.securityfocus.com/bid/35079 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/50722 - |
Information
Published : 2010-03-05 18:30
Updated : 2024-11-21 01:10
NVD link : CVE-2009-4674
Mitre link : CVE-2009-4674
CVE.ORG link : CVE-2009-4674
JSON object : View
Products Affected
mole-group
- sky_hunter_airline_ticket_sale_script
- bus_ticket_script
CWE
CWE-255
Credentials Management Errors