This is information about a single report in the Awooga system.
URLs | http://dipinkrishna.com/blog/2014/07/login-signup-screen-tutorial-xcode-6-swift-ios-8-json/ | ||
---|---|---|---|
Issues | password-inadequate-hashing | Unresolved | (No comments added) |
Description |
Remarkably, the PHP API code uses parameterisation via the MySQLi engine, and so at first glance is safe with regards to SQL injection. However the self-assembly of the JSON response string is risky, and MD5 is no longer regarded as a suitable hash for password storage. |
||
Source | Repo: 1 | ||
Author notified? | No |