2 matches found
CVE-2018-1000884
Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determine password...
CVE-2018-1000884
CVE-2018-1000884 affects Vesta CP prior to 0.9.8-18, where the password reset code in web/reset/index.php (line 51) exposes information due to a timing discrepancy (CWE-208). This can allow an attacker, via unauthenticated network access, to determine password reset codes and potentially change t...