Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-16T10:00:00

Updated: 2024-08-07T13:49:57.185Z

Reserved: 2007-05-15T00:00:00

Link: CVE-2007-2715

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-05-16T10:19:00.000

Modified: 2024-11-21T00:31:28.800

Link: CVE-2007-2715

cve-icon Redhat

No data.