Unrated severityNVD Advisory· Published Nov 25, 2008· Updated Apr 23, 2026

CVE-2008-5219

Description

The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and earlier does not check for administrative authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified npass and npass1 parameters.

Affected products

Videoscript/Videoscript
cpe:2.3:a:videoscript:videoscript:*:*:*:*:*:*:*:*
Range: <=4.0.1.50

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/32718nvdVendor Advisory
osvdb.org/49885nvd
securityreason.com/securityalert/4634nvd
www.exploit-db.com/exploits/7149nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000