CVE-2007-5579 in Pligg CMSinfo

Summary

login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user s password by calculating the confirmationcode parameter.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

10/18/2007

Disclosure

10/18/2007

Moderation

VulDB entry created

Entries

1: VDB-39366

CPE

ready

CWE

CWE-255 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.02682

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-5579
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-5579
CVE Details	https://www.cvedetails.com/cve/CVE-2007-5579/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!