Weak Password Requirements in PHPGurukul Online Notes Sharing System 1.0 (signup.php)
CVE-2023-7053 Published on December 22, 2023
PHPGurukul Online Notes Sharing System signup.php weak password
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248740.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Type
Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts. Authentication mechanisms often rely on a memorized secret (also known as a password) to provide an assertion of identity for a user of a system. It is therefore important that this password be of sufficient complexity and impractical for an adversary to guess. The specific requirements around how complex a password needs to be depends on the type of system being protected. Selecting the correct password requirements and enforcing them through implementation are critical to the overall success of the authentication mechanism.
Products Associated with CVE-2023-7053
Want to know whenever a new CVE is published for PHPGurukul Online Notes Sharing System? stack.watch will email you.
Affected Versions
PHPGurukul Online Notes Sharing System Version 1.0 is affected by CVE-2023-7053Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.