PT-2002-1970 · Voxel Dot Net · Voxel Dot Net Cbms

Published: 2002-08-31 · Updated: 2008-09-05 · CVE-2002-0961

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Voxel Dot Net CBMS versions 0.7 and earlier
Description: Remote attackers can perform unauthorized actions as other users, possibly through a SQL injection attack. One such action is deleting clients via the "dltclnt.php" endpoint.
Recommendations: For versions 0.7 and earlier, consider restricting access to the "dltclnt.php" endpoint until a fix is available. As a temporary workaround, limit the functionality of this endpoint to prevent unauthorized deletion of clients.


Related Identifiers

CVE-2002-0961

Affected Products

Voxel Dot Net Cbms