Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5219


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5219
Last Modified 29 Jan 2009 01:58:35
Published 25 Nov 2008 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The password change feature (admin/cp.php) in VideoScript and earlier does not check for administrative authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified npass and npass1 parameters.

Vulnerable Systems


  • Videoscript


MILW0RM - 7149

SREASON - 4634

SECUNIA - 32718

OSVDB - 49885

Last Updated: 27 May 2016 10:48:44