PT-2009-1994 · Openinvoice · Openinvoice

T0Pp8Uzz

Published

2009-03-25

Updated

2017-09-29

CVE-2008-6524

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions openInvoice versions 0.90 beta and earlier

Description The issue allows remote authenticated users to change the passwords of arbitrary users by modifying the uid parameter in the resetpass.php file. This can be exploited in conjunction with a separate vulnerability in auth.php to modify passwords without authentication.

Recommendations For openInvoice versions 0.90 beta and earlier, avoid using the resetpass.php file until a patch is available. As a temporary workaround, consider restricting access to the resetpass.php file to prevent unauthorized password changes. Additionally, restrict the use of the uid parameter in the resetpass.php file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2008-6524

Affected Products

Openinvoice

PT-2009-1994 · Openinvoice · Openinvoice

CVE-2008-6524

Weakness Enumeration

Related Identifiers

Affected Products

References · 5