Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5441


Vulnerability Score 6.5 6.5
CVE Id CVE-2007-5441
Last Modified 15 Nov 2008 02:00:59
Published 14 Oct 2007 02:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



CMS Made Simple does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by (1) adding a user via a direct request to admin/adduser.php and (2) reading the admin log via an "admin/adminlog.php?page=1" request.

Vulnerable Systems


  • Cmsmadesimple Cms Made Simple


BUGTRAQ - 20071010 Several vulnerabilities in CMS Made Simple

OSVDB - 45481


SREASON - 3223

Last Updated: 27 May 2016 10:46:10