Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-37320

MD5 Codification for Passwords and Sessions Folder

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a bug
    • Icon: Critical Critical
    • None
    • 2.4
    • Authentication, Libraries
    • MOODLE_24_STABLE

      There's a big issue regarding MD5 codification for passwords and username that can be searchable on google related to Sessions folder. Any one with a little knowlegde in hacking could get relevant data from users and just have to wait until the admin is logging in and having some time connected to get it's pass.

      Just google:
      inurl:/sessions/ intext:"8:password"

      inurl:"/admin/index.php" intitle:installation

      It affects all versions.

            poltawski Dan Poltawski
            fazhenlocken Fazhen Locken
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.