### [CVE-2008-5708](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5708)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.

### POC

#### Reference
- http://securityreason.com/securityalert/4804
- https://www.exploit-db.com/exploits/6729

#### Github
No PoCs found on GitHub currently.