phpScheduleIt < 1.0.1 Reservation.class.php Arbitrary Reservation Modification
Medium Nessus Network Monitor Plugin ID 2410
SynopsisThe remote host is vulnerable to a flaw that allows for the bypassing of authentication.
DescriptionThe remote host is running phpScheduleIt, a web-based reservation system written in PHP. According to its banner, this version is reported vulnerable to an undisclosed issue that may allow an attacker to modify or delete phpScheduleIt reservations.
SolutionUpgrade to version 1.0.1 or higher.