CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5670

Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.9%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/28793
http://securityreason.com/securityalert/4786
http://www.securityfocus.com/archive/1/487483/100/200/threaded
http://www.securityfocus.com/bid/27606
http://secunia.com/advisories/28793
http://securityreason.com/securityalert/4786
http://www.securityfocus.com/archive/1/487483/100/200/threaded
http://www.securityfocus.com/bid/27606

Products affected by CVE-2008-5670

Textpattern » Textpattern » Version: 4.0.5

cpe:2.3:a:textpattern:textpattern:4.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5670

Products

Pricing

Contact Us