CVE-2021-4240

Summary: CVE-2021-4240 affects phpservermon, specifically the function generatePasswordResetToken in src/psm/Service/User.php. The root cause is use of a predictable algorithm in the random number generator, leading to possible guessing of reset tokens. The vulnerability has public exploit inform...

CVE-2021-4097

CVE-2021-4097 affects the PHP project phpservermon and is described as an Improper Neutralization of CRLF Sequences (CRLF injection) . The provided connected documents confirm the vulnerability name and vector but do not specify affected versions, exact root cause details, or available fixes/patc...

CVE-2021-4241

The CVE-2021-4241 issue affects phpservermon, specifically the function setUserLoggedIn in src/psm/Service/User.php. The root cause is use of a predictable random-number generator, enabling potential guessing of generated strings. Public exploit details exist, and a patch is identified as bb10a5f...

CVE-2018-18921

The connected advisories confirm a CSRF vulnerability in PHP Server Monitor prior to version 3.3.2. The issue is evidenced by a Delete action, indicating that unauthorized requests can potentially perform state-changing operations. Affected product: PHP Server Monitor. Vulnerability type: CSRF. R...