CVE-2008-5708

2008-12-2417:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.021

Percentile

89.4%

JSON

redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.

References

securityreason.com/securityalert/4804

www.securityfocus.com/bid/31736

exchange.xforce.ibmcloud.com/vulnerabilities/45824

www.exploit-db.com/exploits/6729