Impliedbydesign - Micro-cms CVE

Filtered by vendor Impliedbydesign Subscriptions

Filtered by product Micro-cms Subscriptions

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-6553	1 Impliedbydesign	1 Micro-cms	2017-09-29	N/A
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a delete_admin action, and (3) modify administrative passwords via a change_password action.

Page 1 of 1.