mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
808 B
808 B
CVE-2024-34914
Description
php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to bruteforce to bruteforce the remember_key value to gain access to accounts that have checked "remember me" when logging in.
POC
Reference
- https://chmod744.super.site/redacted-vulnerability
- https://chmod744.super.site/redacted-vulnerability