Password Reset Vulnerability in Simple Machines Forum by Simple Machines
CVE-2008-6971

Currently unrated

Key Information:

Vendor

Simplemachines

Status
Smf
Vendor
CVE Published:
13 August 2009

What is CVE-2008-6971?

The password reset functionality of Simple Machines Forum (SMF) exposes sensitive information through a hidden form field that reveals the state of its random number generator. This vulnerability allows attackers to generate predictable validation codes, which can be exploited to change the passwords of other users, thereby granting unauthorized access and privileges to the malicious actor.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44931
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/31053
vdb-entryx_refsource_BID
http://osvdb.org/47945
vdb-entryx_refsource_OSVDB

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.