CVE-2007-6547
CVE-2007-6547 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session.
Learn more about our Cms Pen Testing.