|
إنضمامك إلي منتديات استراحات زايد يحقق لك معرفة كل ماهو جديد في عالم الانترنت ...
انضم الينا
#1
| ||
| ||
http://tracker.vbulletin.com/browse/VBIII-12799 I reported this problem 1 year ago on forum Recently, because of this problem too many real admin passwords (not just hashes) leaked after faq.php incident (via phpmyadmin) I reported this problem again on previous week on bug tracker, and it is still Unassigned/Unconfirmed for more then 7 days. Problem in short: anyone with database read access (hoster, forum admins, admins of other websites on shared hosting, or hackers, like in case of faq.php incidents) will be able to decode easily very high percent of real passwords (not just hashes), because password protecting hashing feature not doing its work __DEFINE_LIKE_SHARE__ |
مواقع النشر (المفضلة) |
| |