VYPR
Unrated severityNVD Advisory· Published Apr 7, 2009· Updated Jun 16, 2026

CVE-2008-6643

CVE-2008-6643

Description

LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative functions, which allows remote attackers to bypass intended restrictions and modify configuration settings via the LokiACTION parameter in a direct request to admin.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Lokicms/Lokicms2 versions
    cpe:2.3:a:lokicms:lokicms:0.3.4:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:lokicms:lokicms:0.3.4:*:*:*:*:*:*:*
    • (no CPE)range: <=0.3.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.