|
|
CVE Reference: CVE-2007-0760 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-0760 |
|
|
Description: EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/32152 SAID Secunia Advisory: SA24038 OSVDB 33112 MILW0RM http://milw0rm.com/exploits/3252 BID 20805 |
|
| Return to the previous page. |
