Description
WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group name by manipulation of value the argument group_id.
Proof of Concept
Software Link
References