cpe:/a:falcon:series_one_cms:1.4.3 CVE-2007-6490 2007-12-20T15:46:00.000-05:00 2017-09-28T21:29:57.800-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-21T10:18:00.000-05:00 SECUNIA 28047 OSVDB 40988 EXPLOIT-DB 4712 VUPEN ADV-2007-4173 Cross-site request forgery (CSRF) vulnerability in Falcon Series One CMS 1.4.3 allows remote attackers to change a password via a certain changepass action to index.php.