|
|
CVE Reference: CVE-2006-5729 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5729 |
|
|
Description: Yazd Discussion Forum before 3.0 beta does not properly manage forum permissions, which allows remote authenticated users to (1) reply to a message in an arbitrary forum, if authorized to create a message in any forum; and (2) perform certain unauthorized forum actions, related to an "error in how the permissions were assembled" that assigns extra permissions to users. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29994 http://xforce.iss.net/xforce/xfdb/29996 SAID Secunia Advisory: SA22690 CONFIRM http://sourceforge.net/project/shownotes.php?group_id=39239&release_id=460547 BID 20889 |
|
| Return to the previous page. |
