CVE-2006-6995 Information

Description

mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.

Reference

http://www.securityfocus.com/archive/1/437755/100/200/threaded http://www.securityfocus.com/bid/18543 http://www.vupen.com/english/advisories/2006/2474