PT-2008-5533 · Rianxosencabos · Rianxosencabos Cms

Cwh Underground · Published 2008-09-25 · Updated 2017-09-29 · CVE-2008-4245

CVSS v2.0: 6.5 Medium
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Rianxosencabos CMS version 0.9
Description: The issue concerns the Admin Control Panel, which does not require administrator privileges. This allows remote authenticated users to perform various administrative actions, including changing a user's privileges, deleting a user account, or other unspecified actions. These actions can be performed via vectors involving an admin lista action to the default URI, possibly related to the useradmin.php file.
Recommendations: For Rianxosencabos CMS version 0.9, consider restricting access to the Admin Control Panel to only authorized administrators until a fix is available. As a temporary workaround, limit the use of the admin lista action and access to the default URI to minimize the risk of exploitation.

Related Identifiers: CVE-2008-4245
Affected Products: Rianxosencabos Cms