P-News 1.16 - Administrative Account Creation

Author: Peter Winter-Smith
type: remote
platform: multiple
port: 
date_added: 2003-05-24  
date_updated: 2012-11-12  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22649.txt  

source: https://www.securityfocus.com/bid/7689/info

A vulnerability has been reported that could enable a P-News member to create and access an administrative account. This is due to insufficient validation of data supplied to account editing input fields of P-News.

This issue was reported in P-News 1.16. Other versions may also be affected.

Peter|-|21232f297a57a5a743894a0e4a801fc3|-|0|-|none@nowhere.com|-||-|179ad45c6ce2cb97cf1029e212046e81|-|2|-|peter@aol.com|-|