CVE-2022-40295
N/A
N/A
Summary
The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PHP Point of Sale LLC | PHP Point of Sale | 19.0 | affected |
Weaknesses
- CWE-916: CWE-916 Use of Password Hash With Insufficient Computational Effort
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.