PT-2008-1624 · 2Z · 2Z Project

Published

2008-01-04

·

Updated

2018-10-15

·

CVE-2007-6661

CVSS v2.0

6.4

Medium

VectorAV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions 2z project version 0.9.6.1
Description The issue allows attackers to change the password without supplying the old password.
Recommendations For version 0.9.6.1, update to a newer version that contains a fix for this issue, as it allows unauthorized password changes.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2007-6661

Affected Products

2Z Project