Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pligg CMS 'login.php' confirmationcode参数安全绕过漏洞
Vulnerability Description
Pligg CMS 9.5版本的login.php运行一个可猜测的确认代码,当重设一个忘记的密码时,知道用户名的远程攻击者通过计算confirmationcode参数来重设用户密码。
CVSS Information
N/A
Vulnerability Type
N/A