The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administrator functions, which allows remote malicious users to change the administrator password via a direct request to modules/simpleforum/admin/index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lovecms the_simple_forum 3.1d |