Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
e107 Credentials Management Errors Vulnerability - CVE-2013-7305 - Vulnerability Database
e107

e107 Credentials Management Errors Vulnerability - CVE-2013-7305

Medium
Reference: CVE-2013-7305
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-7305
Title: e107 Credentials Management Errors Vulnerability
Overview:

fpw.php in e107 through 1.0.4 does not check the user_ban field which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail account of a banned user.