CVE-2008-3681

N/A Unknown
Published: August 14, 2008 Modified: April 23, 2026
View on NVD

Description

components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly validate reset tokens, which allows remote attackers to reset the "first enabled user (lowest id)" password, typically for the administrator.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://developer.joomla.org/security/news/241-20080801-core-password-remind-functionality.html
Source: cve@mitre.org
http://secunia.com/advisories/31457
Source: cve@mitre.org
Vendor Advisory
http://securityreason.com/securityalert/4157
Source: cve@mitre.org
http://www.securityfocus.com/bid/30667
Source: cve@mitre.org
http://www.securitytracker.com/id?1020687
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/44430
Source: cve@mitre.org
https://www.exploit-db.com/exploits/6234
Source: cve@mitre.org
http://developer.joomla.org/security/news/241-20080801-core-password-remind-functionality.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/31457
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securityreason.com/securityalert/4157
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/30667
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1020687
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/44430
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/6234
Source: af854a3a-2127-422b-91ae-364da2661108

14 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-264

Affected Vendors

joomla

Related CVEs

CVE-2026-41279 N/A
CVE-2026-41278 N/A
CVE-2026-41277 N/A
CVE-2026-41276 N/A
CVE-2026-41275 N/A