login/register_form.php in YourPlace 1.0.2 and previous versions does not check that a username already exists when a new account is created, which allows remote malicious users to bypass intended access restrictions by registering a new account with the username of a target user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
peterselie yourplace 1.0 |
||
peterselie yourplace 1.0.1 |
||
peterselie yourplace |