N/A

php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to bruteforce to bruteforce the remember_key value to gain access to accounts that have checked "remember me" when logging in.

N/A

N/A

PHP Censor 安全漏洞

PHP Censor是PHP Censor开源的一个用于 PHP 项目的开源、自托管、持续集成服务器。 PHP Censor v2.1.4版本存在安全漏洞，该漏洞源于使用弱哈希算法，攻击者可以暴力破解Remember_key值，以获取访问权限。

N/A

N/A