index2.php in ACGVannu 1.3 and earlier allows remote attackers to change the password or profile of a user via a modified id parameter, related to templates/modif.html. NOTE: some of these details are obtained from third party information.
AV:N/AC:L/Au:N/C:N/I:P/A:P
03/02/2007
by Mentiss Acgv
17 years ago