CVE-2010-4728 in Application Frameworkinfo

Summary

Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/08/2011

Disclosure

02/08/2011

Entries

1: VDB-56367

CPE

ready

CVSS

5.3

EPSS

0.00345

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2010-4728
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2010-4728
CVE Detailshttps://www.cvedetails.com/cve/CVE-2010-4728/

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!