Vulnerabilities > CVE-2007-5579 - Credentials Management vulnerability in Pligg CMS 9.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Pligg 9.5 Reset Forgotten Password Security Bypass Vulnerability. CVE-2007-5579. Webapps exploit for php platform |
id | EDB-ID:30088 |
last seen | 2016-02-03 |
modified | 2007-05-25 |
published | 2007-05-25 |
reporter | 242th section |
source | https://www.exploit-db.com/download/30088/ |
title | Pligg 9.5 Reset Forgotten Password Security Bypass Vulnerability |