CVE-2008-5221
CVE-2008-5221 affects wPortfolio 0.3 and earlier. The account_save action in admin/userinfo.php does not require authentication or knowledge of the original password, allowing remote attackers to change the admin password by submitting modified password and password_retype parameters. CVSS data i...