Vulnerabilities > CVE-2007-2715 - Remote Password Change vulnerability in Snaps Gallery Snaps Gallery 1.4.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Snaps! Gallery 1.4.4 Remote User Pass Change Exploit. CVE-2007-2715. Webapps exploit for php platform |
| file | exploits/php/webapps/3900.php |
| id | EDB-ID:3900 |
| last seen | 2016-01-31 |
| modified | 2007-05-11 |
| platform | php |
| port | |
| published | 2007-05-11 |
| reporter | Dj7xpl |
| source | https://www.exploit-db.com/download/3900/ |
| title | Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit |
| type | webapps |