Description
Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.
Affected products
- anantasoft / gazelle_cms1.0 – 1.0
References
- EXPLOIThttp://www.exploit-db.com/exploits/9425
- VENDOR_ADVISORYhttp://secunia.com/advisories/33686