2 matches found
CVE-2006-0633
The makepassword function in ipsclass.php in Invision Power Board IPB 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it easier for remote attackers to guess the code and...
CVE-2006-0633
The CVE concerns Invision Power Board (IPB) 2.1.4, where the make_password function in ipsclass.php generates the authentication code sent to users with lost passwords from random data derived from partially predictable seeds. This may allow remote attackers to guess the code and change an IPB ac...