CVE-2006-2807

EPSS 4.0%

ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/1849unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://securityreason.com/securityalert/1037 https://exchange.xforce.ibmcloud.com/vulnerabilities/26811 http://www.securityfocus.com/archive/1/435209/100/0/threaded http://www.securityfocus.com/bid/18170