info
discussion
exploit
solution
references
TTS Software Time Tracking Software Edituser.PHP Access Validation Vulnerability
An exploit is not required.
An example URI has been provided:
http://www.example.com/timetracking/edituser.php? num=[userid]
Privacy Statement
Copyright 2010, SecurityFocus
