CyberSec.Space Logo
Back to CVE Browser

CVE-2006-2807

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0490%
EPSS Percentile5.88th
PublishedJun 5, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.

Affected Platforms (CPE)

πŸ“¦
Aspwebsoft

Speedy Asp Discussion Forum

All versions

References & Advisories

πŸ”— http://securityreason.com/securityalert/1037
πŸ”— http://www.securityfocus.com/archive/1/435209/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/18170
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/26811
πŸ”— http://securityreason.com/securityalert/1037
πŸ”— http://www.securityfocus.com/archive/1/435209/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/18170
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/26811

Related Vulnerabilities

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-502510.0

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack ve...