CVE-2018-1000501

Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.
Configurations

Configuration 1

cpe:2.3:a:instant-update:instant_update_cms:*:*:*:*:*:*:*:*

Information

Published : 2018-06-26 04:29

Updated : 2018-08-30 05:29


NVD link : CVE-2018-1000501

Mitre link : CVE-2018-1000501

Products Affected
No products.
CWE
CWE-640

Weak Password Recovery Mechanism for Forgotten Password