Описание
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-6957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46785
- https://www.exploit-db.com/exploits/7185
- http://secunia.com/advisories/32731
- http://www.80vul.com/dzvul/sodb/14/dz-exp-sodb-2008-14_php.htm
- http://www.discuz.net/archiver/?tid-1112426.html
- http://www.securityfocus.com/bid/32424
EPSS
Процентиль: 91%
0.06677
Низкий
CVE ID
Связанные уязвимости
nvd
больше 16 лет назад
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.
EPSS
Процентиль: 91%
0.06677
Низкий