2 matches found
CVE-2019-10014
In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the passwords of arbitrary users via a modified id parameter, because the key parameter is not properly validated...
CVE-2019-10014
CVE-2019-10014 affects DedeCMS 5.7SP2. The vulnerability is in member/resetpassword.php, where remote authenticated users can reset the passwords of arbitrary users by modifying the id parameter because the key parameter is not properly validated. This allows unauthorized password resets within t...