- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 30088
- Проверка EDB
-
- Пройдено
- Автор
- 242TH SECTION
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5579
- Дата публикации
- 2007-05-25
Код:
source: https://www.securityfocus.com/bid/24158/info
Pligg is prone to a security-bypass vulnerability due to a design error when resetting forgotten passwords.
An attacker may exploit this issue to reset account passwords for arbitrary users and then compromise a vulnerable application. This can also aid the attacker in further attacks.
Pligg 9.5 is reported vulnerable; other versions may also be affected.
http://www.example.com/login.php?processlogin=4&username=admin&confirmationcode=1234567891e2f566cbda0a9c855240bf21b8bae030404cad7
- Источник
- www.exploit-db.com