Published: 03/10/2008 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 765

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phlatline personal information manager

- -= pPIM Multiple Vulnerabilities =- Version Tested: pPIM 10 Vendor notified Full details can also be found at wwwlampsecurityorg/node/18 Author: Justin C Klein Keane <justin@madirishnet> Description pPIM (wwwphlatlineorg/indexphp?page=prod-ppim) is a Personal Information Management application written in PHP that c ...

########################################################## #Author : BeyazKurt #Contact : Djm-sut@HotmailCom # #Script : Ppim v10 [Bu ne bicim script adidir amk :D ] #Download : scriptsringsworldcom/organizers/ppimzip # # D0rk : inurl:eventsphp?listallevents # # File Delete Vulnerability: uploadphp # # Example:creawebscommx/ ...

Ppim <= 10 (upload/change password) Multiple Vulnerabilities cript : Ppim v10 Download : scriptsringsworldcom/organizers/ppimzip By Stack Poc 1: change password for change password go to this link localhost/ppim/changepasswordphp writhe your password and confirm it Poc 2 : upload localhost/ppim/uploadphp you can uplo ...

CWE-287 http://www.securityfocus.com/bid/30627 http://secunia.com/advisories/31424 http://securityreason.com/securityalert/4349 https://exchange.xforce.ibmcloud.com/vulnerabilities/44389 https://www.exploit-db.com/exploits/6231 https://nvd.nist.gov https://www.exploit-db.com/exploits/8105/

CVE-2008-4427

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect