An issue exists in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on MD5 for the password parameter, which might make it easier for malicious users to bypass intended access restrictions via a dictionary or rainbow-table attack. NOTE: the vendor declined to accept this as a valid issue
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zblogcn z-blogphp 2.0.0 |