home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Eggblog | Epic_designs | 2.0 | 2.0 |
Eggblog | Epic_designs | 3.0 | 3.0 |
Eggblog | Epic_designs | * | 3.0.6 |