CVE Vulnerabilities

CVE-2006-0157

Published: Jan 10, 2006 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters.

Affected Software

Name Vendor Start Version End Version
Magic_news_plus Reamday_enterprises 1.0.3 (including) 1.0.3 (including)

References