Lucene search
GoogleOSV:GHSA-8VH3-29MR-M9XGHistorySep 01, 2021 - 6:31 p.m.
Inadequate Encryption Strength in showdoc
2021-09-0118:31:23
Google
osv.dev
8
showdoc
encryption
strength
user password
hash function
hardcoded salt
EPSS
0.001
Percentile
21.4%
showdoc makes use of a hardcoded salt in its user password hash function
References
github.com/star7th/showdoc
github.com/star7th/showdoc/blob/fd1740234a12804b45af9cac3563567d83ba414d/server/Application/Home/Model/UserModel.class.php#L20
github.com/star7th/showdoc/commit/4b962c1740311e0d46775023b6acba39ad60e370
huntr.dev/bounties/76b49607-fba9-4100-9be7-cb459fe6cfe2
nvd.nist.gov/vuln/detail/CVE-2021-3680
Related
prion
prion
Design/Logic Flaw
2021-08-04 13:15:00
cvelist
cvelist
CVE-2021-3680 Missing Cryptographic Step in star7th/showdoc
2021-08-04 12:50:47
nvd
nvd
CVE-2021-3680
2021-08-04 13:15:08
cve
cve
CVE-2021-3680
2021-08-04 13:15:08
veracode
veracode
Insecure Encryption
2021-09-02 13:49:59
huntr
huntr
in star7th/showdoc
2021-08-02 17:13:20
github
github
Inadequate Encryption Strength in showdoc
2021-09-01 18:31:23
osv
osv
CVE-2021-3680
2021-08-04 13:15:08