CVE-2008-4125 Information

Description

The search function in phpBB 2.x provides a search_id value that leaks the state of PHP’s PRNG which allows remote attackers to obtain potentially sensitive information as demonstrated by a cross-application attack against WordPress a different vulnerability than CVE-2006-0632.

Reference

http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/ https://exchange.xforce.ibmcloud.com/vulnerabilities/45415