Unspecified vulnerability in Profile.php in Elite Bulletin Board before 1.0.10 allows remote attackers to modify profile information via unspecified vectors related to a remote form, probably related to direct requests and missing authorization checks.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Elite_bulletin_board | Elite_bulletin_board | 1.0.8 (including) | 1.0.8 (including) |
| Elite_bulletin_board | Elite_bulletin_board | 1.0.9 (including) | 1.0.9 (including) |
References
- http://osvdb.org/37819
- http://secunia.com/advisories/25926
- http://sourceforge.net/project/shownotes.php?release_id=520558\u0026group_id=175118
- http://www.securityfocus.com/bid/24763
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35261
- http://osvdb.org/37819
- http://secunia.com/advisories/25926
- http://sourceforge.net/project/shownotes.php?release_id=520558\u0026group_id=175118
- http://www.securityfocus.com/bid/24763
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35261