edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-02-15T11:00:00

Updated: 2024-08-07T16:41:29.230Z

Reserved: 2006-02-15T00:00:00

Link: CVE-2006-0691

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-02-15T11:06:00.000

Modified: 2024-11-21T00:07:06.650

Link: CVE-2006-0691

cve-icon Redhat

No data.