Sense of Security FileBound Privilege Escalation Vulnerability
19 Oct. 2012
The FileBound On-Site document management application is vulnerable to a privilege escalation attack by sending a modified password request to the FileBound web service. By modifying the UserID value you can reset the password of any local user in the application without requiring administrative privileges.
The information has been provided by Nathaniel Carew from Sense of Security Labs..