Vulnerabilities > CVE-2009-4674 - Credentials Management vulnerability in Mole-Group products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit. CVE-2009-4674. Webapps exploit for php platform |
file | exploits/php/webapps/8774.html |
id | EDB-ID:8774 |
last seen | 2016-02-01 |
modified | 2009-05-22 |
platform | php |
port | |
published | 2009-05-22 |
reporter | G4N0K |
source | https://www.exploit-db.com/download/8774/ |
title | Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit |
type | webapps |