CVE-2008-3509
CVE-2008-3509 affects LoveCMS 1.6.2. The vulnerability arises in system/admin/ where the files addblock.php, blocks.php, and themes.php do not require administrative authentication, allowing remote attackers to change configuration or execute arbitrary PHP code via addition of blocks and other ve...