Vulnerabilities > CVE-2007-0049 - Unspecified vulnerability in Geckovich Tasktracker and Tasktracker PRO

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
geckovich
exploit available

Summary

Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp.

Vulnerable Configurations

Part Description Count
Application
Geckovich
2

Exploit-Db

descriptionTaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit. CVE-2007-0049. Webapps exploit for asp platform
fileexploits/asp/webapps/3068.html
idEDB-ID:3068
last seen2016-01-31
modified2007-01-01
platformasp
port
published2007-01-01
reporterajann
sourcehttps://www.exploit-db.com/download/3068/
titleTaskTracker <= 1.5 Customize.asp Remote Add Administrator Exploit
typewebapps