CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5219

The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and earlier does not check for administrative authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified npass and npass1 parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.036

EPSS Ranking 87.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/49885
http://secunia.com/advisories/32718
http://securityreason.com/securityalert/4634
https://www.exploit-db.com/exploits/7149
http://osvdb.org/49885
http://secunia.com/advisories/32718
http://securityreason.com/securityalert/4634
https://www.exploit-db.com/exploits/7149

Products affected by CVE-2008-5219

Videoscript » Videoscript » Version: Any

cpe:2.3:a:videoscript:videoscript:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5219

Products

Pricing

Contact Us