Forums

Full Version: could anyone comment on vulnerability?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi there,
I've just installed LetoDMS version 4.0.0 RC1, and after seeing there's no salt used in password encription I checked if there was any notice about it's vulnerability. I found this page then

http://www.exploit-db.com/exploits/20759/

does it affect version 4.x too? can anyone who is expert on security issues comment if this should be considered too serious, or it is just another php vulnerable site like many others?

Thanks!