management.php in Realnode Emilda 1.2.2 and earlier allows remote attackers to perform actions as other users by modifying the user_id parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Emilda | Realnode | 1.2.1 | 1.2.1 |
Emilda | Realnode | 1.2_alpha | 1.2_alpha |
Emilda | Realnode | 1.2 | 1.2 |
Emilda | Realnode | 1.1 | 1.1 |
Emilda | Realnode | 1.2.2 | 1.2.2 |
Emilda | Realnode | 1.2_beta | 1.2_beta |