OpenForum 0.66 Beta allows remote attackers to bypass authentication and reset passwords of other users via a direct request with the update parameter set to 1 and modified user and password parameters.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Openforum |
2enetworx |
0.66 |
0.66 |
References