• info
• discussion
• exploit
• solution
• references

EnthrallWeb Multiple Products Myprofile.ASP Arbitrary User Password Change Vulnerability

An attacker can exploit this issue via a web client.

The following exploit code is available:

• /data/vulnerabilities/exploits/21739-eClassifieds.html
• /data/vulnerabilities/exploits/21739-eCoupons.html
• /data/vulnerabilities/exploits/21739-eNews.html