CVE-2007-6547
CVE-2007-6547 affects RunCMS prior to 1.6.1. The issue arises because the password-change flow does not require the entry of the old password, enabling a context-dependent attacker with temporary session access to change the password. The CVSSv2 base score listed is 6.8 (Medium) with network atta...