Unrated severityNVD Advisory· Published May 22, 2009· Updated Jun 16, 2026
CVE-2009-1767
CVE-2009-1767
Description
admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:2daybiz:template_monster_clone:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:2daybiz:template_monster_clone:-:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.