2006-06-07 10:00:00
mitre
PUBLISHED
profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.