CVE-2008-5308

Publication date

2008-12-02 11:00:00

Family

mitre

State

PUBLISHED

Description

The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administrator functions, which allows remote attackers to change the administrator password via a direct request to modules/simpleforum/admin/index.php.