Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:4685
HistoryJul 26, 2017 - 3:04 a.m.

Predictable Password Recovery

2017-07-2603:04:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

EPSS

0.003

Percentile

71.5%

JSON

Moodle is vulnerable to predictable password recovery. The vulnerability exists because of not enough randomization of PHP mt_rand function() used in random_string() and complex_random_string() functions.

Related

cve 1
nvd 1
osv 1
ubuntucve 1
prion 1
cvelist 1
github 1
openvas 2
mageia 1
nessus 4
freebsd 1
cve
cve
CVE-2015-5267
2016-02-22 05:59:07
nvd
nvd
CVE-2015-5267
2016-02-22 05:59:07
osv
osv
Moodle uses predictable password-recovery tokens
2022-05-13 01:12:47
ubuntucve
ubuntucve
CVE-2015-5267
2016-02-22 00:00:00
prion
prion
Code injection
2016-02-22 05:59:00
cvelist
cvelist
CVE-2015-5267
2016-02-22 02:00:00
github
github
Moodle uses predictable password-recovery tokens
2022-05-13 01:12:47
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0381)
2015-10-15 00:00:00
Fedora Update for moodle FEDORA-2015-2
2015-12-12 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerabilities
2015-09-23 22:42:52
nessus
nessus
FreeBSD : moodle -- multiple vulnerabilities (c2fcbec2-5daa-11e5-9909-002590263bf5)
2015-09-18 00:00:00
Moodle 2.7.x < 2.7.10 / 2.8.x < 2.8.8 / 2.9.x < 2.9.2 Multiple Vulnerabilities
2015-10-07 00:00:00
Fedora 23 : moodle-2.9.3-1.fc23 (2015-98fc0d20ad)
2016-03-04 00:00:00
freebsd
freebsd
moodle -- multiple vulnerabilities
2015-09-14 00:00:00

EPSS

0.003

Percentile

71.5%

JSON
Related for VERACODE:4685
cve1nvd1osv1ubuntucve1prion1cvelist1github1openvas2mageia1nessus4freebsd1