This is information about a single report in the Awooga system.

If you are the author of the referenced work, please note that it appears here because it has been judged to contain serious errors, usually of a security nature. Please read the introductory notes on the home page.

Develop a Complete Android Login Registration System with PHP, MySQL

URLs	http://www.learn2crack.com/2013/08/develop-android-login-registration-with-php-mysql.html/4
Issues	sql-injection	Unresolved	(No comments added)
	password-inadequate-hashing	Unresolved	SHA1/base64/salt home-made algorithm not a substitute for password_hash().
	deprecated-library	Unresolved	(No comments added)
Description	The usual SQL injection flaws in this one, the author has been notified. Also, the password hashing isn't strong enough. Looks like the login can be bypassed by changing the target user's password
Source	Repo: 1
Author notified?	Yes, on 2014-10-21

Created at: 2018-09-21 18:55:13 • Last updated at: 2024-04-19 23:44:06