A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected is the function repass of the file app/frontend/controller/Member.php. Manipulating the argument forget_code/vercode results in weak password recovery. The attack can be launched remotely. Its complexity is rated high, and exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-2895 is a weak password recovery vulnerability in funadmin up to version 7.1.0-rc4 affecting the Member.php repass function. Remote attackers can exploit this by manipulating forget_code/vercode parameters, though exploitation is difficult and requires high complexity.
This vulnerability affects the password reset function of the funadmin application, where attackers can tamper with verification codes. Exploitation requires a high level of complexity, but the vulnerability has been disclosed publicly.
A password recovery weakness exists in funadmin versions up to 7.1.0-rc4 in the Member.php repass function. Attackers can manipulate forget_code/vercode arguments to bypass password recovery security, though the attack is complex and difficult to execute.
Update funadmin to a version newer than 7.1.0-rc4 immediately. Implement strong validation and cryptographic verification for password recovery tokens. Monitor for suspicious password reset attempts and implement rate limiting on password recovery endpoints.
Update funadmin to a version newer than 7.1.0-rc4 immediately. Apply strong validation and cryptographic verification for password recovery tokens. Monitor suspicious password reset attempts and apply rate limiting on password recovery endpoints.
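As an added illustration of the mitigations above (example code, not funadmin's own code and not the vendor's fix), a PHP reset-token check with expiry, attempt limiting, constant-time comparison and single use; the in-memory store, function names and the 15-minute lifetime are assumptions:

```php
<?php
// Added example (not funadmin's code): a hardened password-reset token
// check of the kind the advisory recommends. The array stands in for a
// database table; constants and function names are assumptions.

const TOKEN_TTL_SECONDS = 900;   // tokens expire after 15 minutes
const MAX_VERIFY_ATTEMPTS = 5;   // discard the token after repeated failures

$resetTokens = [];               // user id => record (constructed stand-in for a DB)

// Issue a token: 256 bits from the CSPRNG; only its hash is stored, so a
// leaked table does not hand out usable tokens.
function issueResetToken(array &$store, string $userId): string
{
    $token = bin2hex(random_bytes(32));
    $store[$userId] = [
        'hash'     => hash('sha256', $token),
        'expires'  => time() + TOKEN_TTL_SECONDS,
        'attempts' => 0,
    ];
    return $token;
}

// Verify a presented token: fail closed on missing, expired or locked
// records, compare in constant time, and consume the token on success.
function verifyResetToken(array &$store, string $userId, string $presented): bool
{
    if (!isset($store[$userId])) {
        return false;                      // no pending reset for this user
    }
    $rec = &$store[$userId];
    if (time() > $rec['expires'] || $rec['attempts'] >= MAX_VERIFY_ATTEMPTS) {
        unset($store[$userId]);            // expired or too many guesses: discard
        return false;
    }
    $rec['attempts']++;
    // hash_equals avoids timing leaks; hashing the input first keeps the
    // comparison independent of the length of attacker-controlled data.
    if (!hash_equals($rec['hash'], hash('sha256', $presented))) {
        return false;
    }
    unset($store[$userId]);                // single use: never accept it twice
    return true;
}

// Usage: a fresh token is accepted once; a replay or a guess is rejected.
$t = issueResetToken($resetTokens, 'user42');
var_dump(verifyResetToken($resetTokens, 'user42', $t));
var_dump(verifyResetToken($resetTokens, 'user42', $t));
var_dump(verifyResetToken($resetTokens, 'user42', 'guess'));
```

In a real application the record lives in a database row keyed by the user and the per-user attempt counter is paired with per-IP rate limiting on the reset endpoint, as the advisory recommends.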