CVE-2010-5318

Name of the Vulnerable Software and Affected Versions SweetRice CMS versions prior to 0.6.7.1

Description The issue concerns the password-reset feature in the as/index.php file. It allows remote attackers to change the administrator's password by providing the administrator's e-mail address in the email parameter.

Recommendations For versions prior to 0.6.7.1, update to version 0.6.7.1 or later to resolve the issue.