CVE-2007-6237

DeluxeBB 1.09 - Auth Bypass

Title source: llm

Description

cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. NOTE: this can be leveraged for administrative access by requesting password-reset e-mail through a lostpw action to misc.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by nexen · pythonwebappsphp
https://www.exploit-db.com/exploits/4661

References (4)

Scores

EPSS 0.0202
EPSS Percentile 83.6%

Classification

CWE
CWE-287
Status draft

Affected Products (1)

deluxebb/deluxebb

Timeline

Published Dec 04, 2007
Tracked Since Feb 18, 2026