Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Vanilla Forums Permissions Privileges and Access Controls Vulnerability - CVE-2012-4954 - Vulnerability Database
Vanilla Forums

Vanilla Forums Permissions Privileges and Access Controls Vulnerability - CVE-2012-4954

Low
Reference: CVE-2012-4954
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-4954
Title: Vanilla Forums Permissions Privileges and Access Controls Vulnerability
Overview:

The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack related to a quotparameter manipulationquot issue.