Froxlor : Security Vulnerabilities, CVEs, Published In 2017

CVE-2016-5100

Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
Max CVSS
9.8
EPSS Score
0.42%
Published
2017-02-13
Updated
2017-02-24

CVE-2015-5959

Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log.
Max CVSS
9.8
EPSS Score
0.70%
Published
2017-09-06
Updated
2017-09-07
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close