CVE-2010-5318

EUVD-2010-5276
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
basic-cmssweetrice
0.6.7.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.htbridge.com/advisory/HTB22667
https://www.htbridge.com/advisory/HTB22667