Vulnerabilities > Invisionpower > Invision Power Board > 2.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-02-10 | CVE-2006-0633 | Improper Authentication vulnerability in Invisionpower Invision Power Board 2.1.4 The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it easier for remote attackers to guess the code and change the password for an IPB account, possibly involving millions of requests. | 6.4 |