admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote malicious users to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
2daybiz template monster clone - |