4 matches found
CVE-2022-37163
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user passwords are hashed without a salt or pepper making it much easier for tools like hashcat to crack the hashes...
CVE-2022-37163
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user passwords are hashed without a salt or pepper making it much easier for tools like hashcat to crack the hashes...
CVE-2022-37163
CVE-2022-37163 affects Bminusl IHateToBudget v1.5.7. The root cause is a weak password policy and password hashes stored without a salt or pepper, making brute-force access feasible and hash cracking easier with tools like hashcat. Impact is unauthorized access to the application. Publicly docume...
IHateToBudget 安全漏洞
IHateToBudget is a simple web application by the individual developer Bryton Lacquement in France. Used to understand and control your expenses. A security vulnerability exists in IHateToBudget v1.5.7 that stems from the use of a weak password policy that allows an attacker to potentially gain...