Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-2198
CVE-2004-2198
Description
account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:duware:duclassmate:1.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:duware:duclassmate:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:duware:duclassmate:1.1:*:*:*:*:*:*:*
- (no CPE)range: <=1.1
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/11363nvdExploit
- www.securitytracker.com/alerts/2004/Oct/1011597.htmlnvdExploitVendor Advisory
- www.osvdb.org/10663nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17682nvd
News mentions
0No linked articles in our index yet.