Description
Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.
Remediation
References
Related Vulnerabilities
WordPress Plugin Consulting Elementor Widgets SQL Injection (1.3.0)
WordPress Plugin YITH WooCommerce Gift Cards Premium Unspecified Vulnerability (3.20.0)
WordPress Plugin Bulk Page Creator Cross-Site Scripting (1.0.9)
Joomla Other Vulnerability (CVE-2006-7010)
SharePoint Improper Input Validation Vulnerability (CVE-2019-1296)