Vulnerabilities > Dcscripts > Dcforum > 2000
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-05-16 | CVE-2002-0226 | Unspecified vulnerability in Dcscripts Dcforum retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remote attackers to request a new password on behalf of another user and use the sessionID to calculate the new password for that user. | 7.5 |