← back
CVE-2008-5308

CVE-2008-5308

EPSS 7.3%
The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administrator functions, which allows remote attackers to change the administrator password via a direct request to modules/simpleforum/admin/index.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/7191unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/50067http://secunia.com/advisories/32758http://securityreason.com/securityalert/4676https://exchange.xforce.ibmcloud.com/vulnerabilities/46793https://www.exploit-db.com/exploits/7191http://www.securityfocus.com/bid/32435http://www.vupen.com/english/advisories/2008/3243