Vulnerabilities > Deluxebb > Deluxebb > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-12-04 | CVE-2007-6237 | Improper Authentication vulnerability in Deluxebb 1.09 cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. | 9.0 |