2001-04-04 04:00:00
mitre
PUBLISHED
PHP-Nuke 4.4.1a allows remote attackers to modify a users email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.