NVD

Id
6284  
Name
CVE-2008-6553  
Description
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a delete_admin action, and (3) modify administrative passwords via a change_password action.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2009-03-30  
Modified Date
2009-08-11  
Seq
2008-6553  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
37001 6284 CVE-2008-6553 http://downloads.securityfocus.com/vulnerabilities/exploits/32063.pl  View
37002 6284 CVE-2008-6553 6933  View
37003 6284 CVE-2008-6553 32063  View
37004 6284 CVE-2008-6553 microcms-microcmsadminhome-security-bypass(46294)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
43220 JVNDB-2009-004227 Implied by Design Micro-CMS における管理者パスワードを変更される脆弱性 Implied by Design Micro CMS (Micro-CMS) の microcms-admin-home.php は、管理者として認証を必要としないため、以下の脆弱性が存在します。 CVE-2008-6553 36666 CVE-2008-6553 6284 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004227.html 2009-03-30 2012-09-25 View