CVE-2006-0691

Sažetak

edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account.

Reference

http://secunia.com/advisories/18854
http://www.evuln.com/vulns/69/summary.html
http://www.securityfocus.com/archive/1/425505/100/0/threaded
http://www.securityfocus.com/bid/16630
http://www.securityfocus.com/bid/16731
http://www.vupen.com/english/advisories/2006/0524
https://exchange.xforce.ibmcloud.com/vulnerabilities/24570

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

19-10-2018 - 15:45

Objavljeno

15-02-2006 - 11:06