The exploit describes an authentication bypass vulnerability in ezCourses due to improper input validation. Attackers can manipulate the 'AdminID' and 'Master' parameters to add or change the admin account password without proper authorization.
Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:ezCourses (version unspecified)
No auth needed
Prerequisites:Access to the target application's admin interface