CVE-2007-6547

RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session.
Configurations

Configuration 1

cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*

Information

Published : 2007-12-28 12:46

Updated : 2018-10-15 09:55


NVD link : CVE-2007-6547

Mitre link : CVE-2007-6547

Products Affected
No products.