|
|
CVE Reference: CVE-2008-5219 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5219 |
|
|
Description: The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and earlier does not check for administrative authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified npass and npass1 parameters. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/4634 SAID Secunia Advisory: SA32718 OSVDB 49885 MILW0RM http://www.milw0rm.com/exploits/7149 |
|
| Return to the previous page. |
