CVE-2008-0141

Опубликовано: 08 янв. 2008

Источник: nvd

CVSS3: 7.5

CVSS2: 7.5

EPSS Низкий

Описание

actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.

Ссылки

http://www.securityfocus.com/bid/27145
Broken Link
Exploit
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/39486
VDB Entry
https://www.exploit-db.com/exploits/4835
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/27145
Broken Link
Exploit
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/39486
VDB Entry
https://www.exploit-db.com/exploits/4835
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webportal_cms_project:webportal_cms:0.6.0:beta:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.0588

Низкий

7.5 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-330

Связанные уязвимости

GHSA-4x8w-5x74-c8v5

CVSS3: 7.5

github

почти 4 года назад

EPSS

Процентиль: 90%

0.0588

Низкий

7.5 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-330