CVE-2007-5988

blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.
Configurations

Configuration 1

cpe:2.3:a:bti-tracker:bti-tracker:*:*:*:*:*:*:*:*

Information

Published : 2007-11-15 12:46

Updated : 2017-07-29 01:33


NVD link : CVE-2007-5988

Mitre link : CVE-2007-5988

Products Affected
No products.