2z project 0.9.6.1 allows attackers to change the password without supplying the old password.
Medium
Date | CVE | Title | CVSS |
---|---|---|---|
2008-01-04 | CVE-2007-6659 | Cross-Site Scripting (XSS) vulnerability in 2Z Project 0.9.6.1 | 4.3 |
2008-01-04 | CVE-2007-6660 | Information Leak / Disclosure vulnerability in 2Z Project 0.9.6.1 | 5.0 |