CVE-2006-5474
The CVE-2006-5474 entry concerns OneOrZero Helpdesk versions before 1.6.5.4. Root cause: the forgot-password function generates passwords by concatenating the current timestamp with the username, enabling remote attackers to gain access to an arbitrary user via a password reset request. Impact: u...