Unrated severityNVD Advisory· Published Jul 10, 2007· Updated Jun 16, 2026
CVE-2007-3630
CVE-2007-3630
Description
changePW.php in AV Tutorial Script (avtutorial) 1.0 does not require authentication or knowledge of an old password for password changes, which allows remote attackers to change passwords for arbitrary users via a modified password parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:av_scripts:av_tutorial_script:1.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.