Vulnerabilities > Pyforum Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2009-5025 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pyforum Project Pyforum 1.0.3
A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.
network
low complexity
pyforum-project CWE-640
5.0