2006-05-28 01:00:00
mitre
PUBLISHED
phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfox_user parameter.