2007-03-07 20:00:00
mitre
PUBLISHED
edit_user.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified user_id parameter.