Zikula prior to 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote malicious users to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zikula zikula application framework 1.2.2 |
||
zikula zikula application framework 1.2.1 |
||
zikula zikula application framework 1.2.4 |
||
zikula zikula application framework 1.1.2 |
||
zikula zikula application framework 1.2.3 |
||
zikula zikula application framework |