CVE-2007-5060
CVE-2007-5060 describes a CSRF vulnerability in XCMS within the admin action for index.php, affecting the cpass functionality. It allows remote attackers to change arbitrary passwords by submitting certain password_ and rpassword_ parameters, possibly related to timestamp values. The issue stems ...