Deserialization of untrusted data

2008-01-0819:46:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.

CPENameOperatorVersion
webportal_cmseq0.6.0 beta

CPE	Name	Operator	Version
	webportal_cms	eq	0.6.0 beta

References

www.securityfocus.com/bid/27145

exchange.xforce.ibmcloud.com/vulnerabilities/39486

www.exploit-db.com/exploits/4835