Codiad 2.8.4 /componetns/user/class.user.php:Authenticate()
is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123
, another hash value 0e234[something]
can successfully authenticate.
CPE | Name | Operator | Version |
---|---|---|---|
codiad/codiad | eq | 1.3.6 |