MEDIUM🇬🇧 English

CVE-2022-36072

CVSS 5.9v3.1pub. 2022-09-06upd. 2024-11-21

SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the `0e` symbols were being handled as zero multiplied with the `e` number. Therefore, the hash value was equal to 0. The maintainers fixed this in version 1.1.9 by using `===` instead of `==` in comparisons where it is possible (e.g. on sign in/sign up handlers).

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Silverwaregames

    APP
    Silverwaregames
    < 1.1.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-40179MEDIUM5.3ten sam produkt

Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the P...

CVE-2022-23543MEDIUM6.3ten sam produkt

Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube vide...

CVE-2023-40182LOW3.7ten sam produkt

Silverware Games is a premium social network where people can play games online. When using the Recovery form,...

CVE-2023-29192LOW2.7ten sam produkt

SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download li...