Lucene search
K

24 matches found

UbuntuCve
UbuntuCve
added 2006/02/10 11:2 a.m.23 views

CVE-2006-0632

The genrandstring function in phpBB 2.0.19 uses insufficiently random data small value space to create the activation key "validation ID" that is sent by e-mail when establishing a password, which makes it easier for remote attackers to obtain the key and modify passwords for existing accounts or...

6.4CVSS6AI score0.02501EPSS
Exploits1References1
Prion
Prion
added 2006/02/10 11:2 a.m.11 views

Design/Logic Flaw

The genrandstring function in phpBB 2.0.19 uses insufficiently random data small value space to create the activation key "validation ID" that is sent by e-mail when establishing a password, which makes it easier for remote attackers to obtain the key and modify passwords for existing accounts or...

6.4CVSS7AI score0.02501EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.27 views

CVE-2002-1846

Yet Another Bulletin Board YaBB 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a...

6.7AI score0.01053EPSS
Exploits0References1
NVD
NVD
added 2000/01/30 5:0 a.m.18 views

CVE-2000-0117

The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin root...

7.2CVSS6.5AI score0.00435EPSS
Exploits0References1
Rows per page
Query Builder