CVE-2008-6553

microcms-admin-home.php in Implied by Design Micro CMS Micro-CMS 3.5 aka 0.3.5 does not require authentication as an administrator, which allows remote attackers to 1 create administrative accounts via an addadmin action, 2 remove administrative accounts via a deleteadmin action, and 3 modify...