CVE-2006-4580
Summary
register.php in The Address Book 1.04e allows remote attackers to bypass the "Allow User Self-Registration" setting and create arbitrary users by setting the mode parameter to "confirm".
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published