CVE-2008-2134

The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie.

Date published : 2008-05-09

http://www.securityfocus.com/bid/29080

http://truzone.org/modules.php?name=Forums&file=viewtopic&p=332746