source: https://www.securityfocus.com/bid/24158/info
Pligg is prone to a security-bypass vulnerability due to a design error when resetting forgotten passwords.
An attacker may exploit this issue to reset account passwords for arbitrary users and then compromise a vulnerable application. This can also aid the attacker in further attacks.
Pligg 9.5 is reported vulnerable; other versions may also be affected.
http://www.example.com/login.php?processlogin=4&username=admin&confirmationcode=1234567891e2f566cbda0a9c855240bf21b8bae030404cad7
