2002-03-09 05:00:00
mitre
PUBLISHED
PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs.