GHSA-58fg-62fg-3fcjLow
phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing
🔗 CVE IDs covered (1)
📋 Description
Summary
Attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 (SHAttered).
Details
Affected File : phpmyfaq/src/phpMyFAQ/Attachment/AbstractAttachment.php
Impact
- An attacker can generate SHA-1 collisions to bypass attachment protection
- Risk of password cracking if database is compromised
- Estimated cracking time: < 1 minute for standard attachment
Solution
Use bcrypt:
public function setPassword(string $password): void
{
$this->passwordHash = password_hash($password, PASSWORD_BCRYPT);
}
public function verifyPassword(string $plainPassword): bool
{
return password_verify($plainPassword, $this->passwordHash);
}
🎯 Affected products2
- composer/thorsten/phpmyfaq:<= 4.1.3
- composer/phpmyfaq/phpmyfaq:<= 4.1.3