High

DATE	CVE	VULNERABILITY TITLE	RISK
2008-08-14	CVE-2008-3681	Permissions, Privileges, and Access Controls vulnerability in Joomla COM User components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly validate reset tokens, which allows remote attackers to reset the "first enabled user (lowest id)" password, typically for the administrator. network low complexity joomla CWE-264	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.