Vulnerabilities > CVE-2002-1462 - Authentication Bypassing vulnerability in OrganicPHP PHP-Affiliate Details.PHP Hidden Field

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

organicphp

NVD

Published: 2003-06-09

Updated: 2008-09-05

Summary

details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields.

Vulnerable Configurations

Part	Description	Count
Application	Organicphp Organicphp PHP Affiliate 1.0 Organicphp PHP Affiliate 1.1	2

References

http://archives.neohapsis.com/archives/bugtraq/2002-08/0141.html
http://www.iss.net/security_center/static/9858.php
http://www.securityfocus.com/bid/5482