CVE-2018-9934

The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control.

Published : 2018-04-10 07:29 Updated : 2019-10-03 00:03

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Metinfo Metinfo 6.0.0 cpe:/a:metinfo:metinfo:6.0.0
  1. Metinfo (1) Search CVE
    1. Metinfo (1) Search CVE
      1. 6.0.0

CWE

There is no CWE for this CVE.

History of changes

Date Event
2019-10-03 00:03
2018-05-18 13:38
2018-04-10 07:29

New CVE