Credentials Management Errors
CVE-2009-4674
Summary
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published