1 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action. actions.php de WebPortal CMS 0.6-beta genera contraseñas predecibles conteniendo sólo la hora del día, lo cual facilita a atacantes remotos obtener acceso a cualquier cuenta mediante una acción lostpass. • https://www.exploit-db.com/exploits/4835 http://www.securityfocus.com/bid/27145 https://exchange.xforce.ibmcloud.com/vulnerabilities/39486 • CWE-330: Use of Insufficiently Random Values •