Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047.
oryginał ENCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HArtica Integria Ims
APPArtica≤ 5.0
Powiązane podatności
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. An ...
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by th...
filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arb...
Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. An att...
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an ...