CVE-2007-5579
Pligg CMS 9.5 is affected by CVE-2007-5579 through login.php, where a guessable confirmation code enables password reset by an attacker knowing a username. The root cause is a predictable confirmationcode parameter used during forgotten-password flow, allowing an unauthorized password reset with ...