CVE-2008-5308
LoveCMS 1.6.2 Final - Auth Bypass
Title source: llmDescription
The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administrator functions, which allows remote attackers to change the administrator password via a direct request to modules/simpleforum/admin/index.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by cOndemned · phpwebappsphp
https://www.exploit-db.com/exploits/7191
References (7)
Scores
EPSS
0.0974
EPSS Percentile
93.0%
Details
CWE
CWE-264
Status
published
Products (1)
lovecms/the_simple_forum
3.1d
Published
Dec 02, 2008
Tracked Since
Feb 18, 2026