CVE-2008-6774

Name of the Vulnerable Software and Affected Versions: YourPlace versions 1.0.2 and earlier

Description: The issue allows remote attackers to bypass intended restrictions and edit toolbar settings via an invalid username. This occurs because the internettoolbar/edit.php file in the affected software does not end execution when an invalid username is detected.

Recommendations: For versions 1.0.2 and earlier, consider temporarily disabling the edit.php file in the internettoolbar directory until a patch is available. Restrict access to the internettoolbar/edit.php endpoint to minimize the risk of exploitation. Avoid using invalid username values in the affected endpoint until the issue is resolved.