EUVD-2022-1846

Malicious code in bioql PyPI...

BIT-LIVEHELPERCHAT-2022-1235

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...

CVE-2022-1235

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...

Design/Logic Flaw

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...

CVE-2022-1235 Weak secrethash can be brute-forced in livehelperchat/livehelperchat

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...

CVE-2022-1235

The CVE-2022-1235 issue affects livehelperchat/livehelperchat prior to version 3.96, where a weak secrethash can be brute-forced. The secrethash consists of 10 hex characters, yielding 16^10 possibilities, enabling offline guessing of the secret (SHA1) and compromising security measures tied to t...

livehelperchat 安全漏洞

livehelperchat is a chat via a live helper that provides free live support on a website. A security vulnerability exists in the GitHub repository livehelperchat/livehelperchat versions prior to 3.96, which stems from the ability to force the use of Weak secrethash...

PT-2022-13735 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: livehelperchat/livehelperchat versions prior to 3.96 Description: The issue concerns a weak secrethash that can be brute-forced, affecting the security measures of the application. The secrethash is relatively small, consisting of only 10...

Weak secrethash can be brute-forced

Description The secrethash, which the application relies for multiple security measures, can be brute-forced. The hash is quite small, with only 10 characters of only hexadecimal, making 16^10 possilibities 1.099.511.627.776 . The SHA1 of the secret can be obtained via a captcha string and...