Security Advisory

CVE-2009-2960

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-08-25 17:00:00

Last updated 2024-08-07 06:07:37

Assigner mitre

State PUBLISHED

Description

CuteFlow 2.10.3 and 2.11.0_c does not properly restrict access to pages/edituser.php, which allows remote attackers to modify usernames and passwords via a direct request.

← Browse all CVEs View on cve.org ↗