LoveCMS Multiple Security Bypass Vulnerabilities

Bugtraq ID:	30562
Class:	Access Validation Error
CVE:	CVE-2008-3509
Remote:	Yes
Local:	No
Published:	Aug 06 2008 12:00AM
Updated:	May 07 2015 05:25PM
Credit:	PoMdaPiMp
Vulnerable:	LoveCMS LoveCMS 1.6.2
Not Vulnerable:

LoveCMS Multiple Security Bypass Vulnerabilities

LoveCMS is prone to multiple security-bypass vulnerabilities because the application fails to properly control access to some pages.

Attackers can exploit these issues to bypass certain security restrictions and modify application settings or execute arbitrary code.

The issues affect LoveCMS 1.6.2; prior versions may also be affected.

LoveCMS Multiple Security Bypass Vulnerabilities

Attackers can use a browser to exploit these issues.

LoveCMS Multiple Security Bypass Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

LoveCMS Multiple Security Bypass Vulnerabilities

References:

• LoveCMS Homepage (LoveCMS)