Privilege Escalation Vulnerability in Ultraapps Issue Manager 2.1

CVE-2005-4453 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

UserProfile.cs in Ultraapps Issue Manager before 2.1 allows remote authenticated users to gain administrator privileges by modifying the original (1) p_User_user_id and (2) User_user_id parameters to UserProfile.aspx, then modifying the password field.

Learn more about our Web Application Penetration Testing UK.