Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5708

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5708
Last Modified 29 Jan 2009 01:59:59
Published 24 Dec 2008 01:29:15
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5708

Summary

redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.

Vulnerable Systems

Application

  • Slimcms 1.0.0


References

XF - slimcms-redirect-security-bypass(45824)

BID - 31736

MILW0RM - 6729

SREASON - 4804


Last Updated: 27 May 2016 10:48:54