CVE-2007-5988

Published: Nov 15, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

42216

vdb-entry

x_refsource_OSVDB

http://sourceforge.net/project/shownotes.php?release_id=552477

x_refsource_CONFIRM

http://sourceforge.net/tracker/index.php?func=detail&aid=1764809&group_id=146822&atid=766508

x_refsource_CONFIRM

27550

third-party-advisory

x_refsource_SECUNIA

btitracker-shoutbox-security-bypass(38417)

vdb-entry

x_refsource_XF

26551

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-5988

Description

Affected Products

References