CVE-2008-6957
N/A
N/A
Summary
member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/7185
- http://secunia.com/advisories/32731
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46785
- http://www.discuz.net/archiver/?tid-1112426.html
- http://www.80vul.com/dzvul/sodb/14/dz-exp-sodb-2008-14_php.htm
- http://www.securityfocus.com/bid/32424
References
- https://www.exploit-db.com/exploits/7185
- http://secunia.com/advisories/32731
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46785
- http://www.discuz.net/archiver/?tid-1112426.html
- http://www.80vul.com/dzvul/sodb/14/dz-exp-sodb-2008-14_php.htm
- http://www.securityfocus.com/bid/32424
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.