Vulnerabilities > CVE-2006-1026 - Remote Security vulnerability in JFacets
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID. This vulnerability affects JFacets versions prior to 0.2.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://secunia.com/advisories/19031
- http://sourceforge.net/project/shownotes.php?group_id=154666&release_id=396824
- http://sourceforge.net/tracker/index.php?func=detail&aid=1439037&group_id=154666&atid=792697
- http://www.vupen.com/english/advisories/2006/0767
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24958