CVE-2008-6752

Name of the Vulnerable Software and Affected Versions: ReVou Micro Blogging TClone plugin (affected versions not specified)

Description: The issue concerns the adminlogin/password.php file in the TClone plugin, where it fails to verify the original password before allowing a password change. This allows remote attackers to change the administrator's password and gain privileges by sending a direct request with modified newpass1 and newpass2 parameters in a Change operation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.