CVE-2018-10081

CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as…

mitre·CWE-640·Published 2018-04-13

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

190 chars

CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.

NVDen

190 chars

CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.

NVDes

257 chars

CMS Made Simple (CMSMS) hasta la versión 2.2.6 contiene una vulnerabilidad de restablecimiento de contraseña de administrador debido a que los valores de datos se comparan de forma incorrecta. Esto se demuestra con un hash que empieza con la subcadena "0e".

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H