Vulnerabilities > 2Daybiz > Template Monster Clone > Medium

DATE CVE VULNERABILITY TITLE RISK
2009-05-22 CVE-2009-1767 Permissions, Privileges, and Access Controls vulnerability in 2Daybiz Template Monster Clone
admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter.
network
low complexity
2daybiz CWE-264
5.0