← back
CVE-2012-4035

CVE-2012-4035

EPSS 3.1%
The new_password page in PBBoard 2.1.4 allows remote attackers to change the password of arbitrary user accounts via the member_id and new_password parameters to index.php.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/37615unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/84481http://secunia.com/advisories/50153https://exchange.xforce.ibmcloud.com/vulnerabilities/77506https://www.htbridge.com/advisory/HTB23101http://www.pbboard.com/forums/t10352.htmlhttp://www.pbboard.com/forums/t10353.htmlhttp://www.securityfocus.com/bid/54916