member.php in Crossday Discuz! Board allows remote malicious users to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
discuz discuz\\! - |