5
CVE-2010-4728
- EPSS 0.35%
- Published 08.02.2011 22:00:00
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.
Data is provided by the National Vulnerability Database (NVD)
Zikula ≫ Zikula Application Framework Version <= 1.2.5
Zikula ≫ Zikula Application Framework Version1.1.2
Zikula ≫ Zikula Application Framework Version1.2.1
Zikula ≫ Zikula Application Framework Version1.2.2
Zikula ≫ Zikula Application Framework Version1.2.3
Zikula ≫ Zikula Application Framework Version1.2.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.54 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|