PT-2013-02: Password Reset Token Prediction in FluxBB
The specialists of Positive Technologies have detected a "Password Reset Token Prediction" vulnerability in FluxBB. The vulnerability was detected in password reset token generation algorithm. FluxBB generates weak random numbers using mtrand function: function randomkey$len, $readable = false,...