Description
Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681.
Remediation
References
Related Vulnerabilities
WordPress Plugin All in One Social Lite Server-Side Request Forgery (1.0)
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8101)
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114)
Apache HTTP Server Other Vulnerability (CVE-2004-1387)
WordPress Plugin NextGEN Gallery-WordPress Gallery SQL Injection (3.2.10)