This is information about a single report in the Awooga system.

If you are the author of the referenced work, please note that it appears here because it has been judged to contain serious errors, usually of a security nature. Please read the introductory notes on the home page.

PHP Change Password Script

URLs http://phppot.com/php/php-change-password-script/
Issues sql-injection Unresolved

This site contains a large number of SQL injections, all or mostly involving the legacy mysql library. Interestingly the author cites parameterisation as a benefit of MySQLi elsewhere on the site.

password-clear Unresolved (No comments added)
deprecated-library Unresolved (No comments added)
Description

A site with a large number of scripts featuring SQL injection vulnerabilities. A number of articles, including this one, incorrectly advise programmers to store passwords in plain text.

Source Repo: 1
Author notified? No
Created at: 2018-09-21 18:55:13 • Last updated at: 2024-03-28 09:19:31