add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Active_php_bookmarks | Active_php_bookmarks | 1.1.01 (including) | 1.1.01 (including) |