5
CVE-2010-4728
- EPSS 0.35%
- Veröffentlicht 08.02.2011 22:00:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zikula ≫ Zikula Application Framework Version <= 1.2.5
Zikula ≫ Zikula Application Framework Version1.1.2
Zikula ≫ Zikula Application Framework Version1.2.1
Zikula ≫ Zikula Application Framework Version1.2.2
Zikula ≫ Zikula Application Framework Version1.2.3
Zikula ≫ Zikula Application Framework Version1.2.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.54 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|