This repository has been archived by the owner on Sep 25, 2021. It is now read-only.
Funcational bugs in password rechecking during registration related processes #530
Comments
# for free
to subscribe to this conversation on GitHub.
Already have an account?
#.
WeBid 1.2.2 has the problem of password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check.
$password1 = "0e1111"and$password2 = "0e2222"are loosely compared and returnbool(true). A lot of other PHP scripts in WeBid also have this problem.The text was updated successfully, but these errors were encountered: