changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phlatline personal information manager |