CVE-2010-4728
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD
Description
Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.
Affected (6)
Products: Zikula: Zikula Application Framework
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.2.5 |
Related CWEs
References (2)
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.