CVE-2007-6087

VigileCMS 1.4 - CSRF

Title source: llm

Description

Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module.

Exploits (1)

exploitdb WRITEUP VERIFIED

by DevilAuron · textwebappsphp

https://www.exploit-db.com/exploits/4632

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/38558

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/483907/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/26484

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4632

Scores

EPSS 0.0043

EPSS Percentile 61.9%

Classification

CWE

CWE-352

Status draft

Affected Products (1)

vigilecms/vigilecms

Timeline

Published Nov 22, 2007

Tracked Since Feb 18, 2026