CVE-2008-0245

Name of the Vulnerable Software and Affected Versions UploadImage version 1.0

Description The issue allows remote attackers to gain administrator privileges. This is due to the lack of original password verification when changing to a new password. The pass parameter in a 'nopass' (Set Password) action is vulnerable to exploitation.

Recommendations For UploadImage version 1.0, consider disabling the password change functionality until a proper fix is implemented to require the original password for changes. Restrict access to the admin.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.