Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1780


Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1780
Last Modified 27 May 2009 12:00:00
Published 22 May 2009 04:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



admin.php in Php Recommend 1.3 and earlier does not require authentication when the user password is changed, which allows remote attackers to gain administrative privileges via modified form_admin_user and form_admin_pass parameters.

Vulnerable Systems


  • Roboform Php Recommend 1.3


VUPEN - ADV-2009-1287

BID - 34909

MILW0RM - 8658

Last Updated: 27 May 2016 10:50:40