The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!
UserSpice   ›   Support Center   ›   UserSpice 4.3 and Below   ›   Reset Password is vulnerable

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Reset Password is vulnerable
Brandin
Lead Developer
*******
Joined: Oct 2016
Posts: 1,297

Reputation: 7
#2
05-25-2017, 05:39 PM
You could always change one of the custom fields in the DB to be a timestamp updated upon password reset, make a function for this and call the function to verify the timestamp as well as the vericode.
  Website
  Reply


Messages In This Thread
Reset Password is vulnerable - by Jamie - 05-18-2017, 09:46 PM
Reset Password is vulnerable - by Brandin - 05-25-2017, 05:39 PM
Reset Password is vulnerable - by faguss - 06-19-2017, 11:25 PM
Reset Password is vulnerable - by mudmin - 06-20-2017, 11:21 AM
Reset Password is vulnerable - by karsen - 07-10-2017, 07:15 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)