3 matches found
CVE-2022-37163
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user passwords are hashed without a salt or pepper making it much easier for tools like hashcat to crack the hashes...
CVE-2022-37163
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user passwords are hashed without a salt or pepper making it much easier for tools like hashcat to crack the hashes...
CVE-2022-37163
CVE-2022-37163 affects Bminusl IHateToBudget v1.5.7. The root cause is a weak password policy and password hashes stored without a salt or pepper, making brute-force access feasible and hash cracking easier with tools like hashcat. Impact is unauthorized access to the application. Publicly docume...