
CVE-2007-6237

Published: 04/12/2007 Updated: 15/10/2018
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 905
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. NOTE: this can be leveraged for administrative access by requesting a password-reset e-mail through a lostpw action to misc.php.


deluxebb deluxebb 1.09

Exploits

#!/usr/bin/python #-*- coding: iso-8859-15 -*- ''' _ __ _____ _____ _ __ | '_ \ / _ \ \/ / _ \ '_ \ | | | | __/> < __/ | | | |_| |_|\___/_/\_\___|_| |_| ------------------------------------------------------------------------------------------------ § DeluxeBB 0day Remote Change Admin's credentials § --------------- ...