CVE-2022-3152: Unverified Password Change in phpfusion/phpfusion
First published: Wed Sep 07 2022(Updated: )
Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Php-fusion Phpfusion | <9.10.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-3152?
CVE-2022-3152 is a vulnerability in the GitHub repository phpfusion/phpfusion prior to version 9.10.20 that allows for an unverified password change.
What is the severity of CVE-2022-3152?
CVE-2022-3152 has a severity rating of critical with a value of 8.8.
How does CVE-2022-3152 affect Php-fusion Phpfusion?
CVE-2022-3152 affects Php-fusion Phpfusion versions up to and excluding 9.10.20.
How can I fix CVE-2022-3152?
To fix CVE-2022-3152, update your Php-fusion Phpfusion installation to version 9.10.20 or later.
What are the references for CVE-2022-3152?
For more information on CVE-2022-3152, you can visit the following references: [GitHub Commit](https://github.com/phpfusion/phpfusion/commit/57c96d4a0c00e8e1e25100087654688123c6e991) and [Huntr.dev Bounty](https://huntr.dev/bounties/b3f888d2-5c71-4682-8287-42613401fd5a).
- collector/nvd-index
- agent/references
- agent/weakness
- agent/softwarecombine
- agent/remedy
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/author
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- vendor/php-fusion
- canonical/php-fusion phpfusion