Vulnerabilities > CVE-2022-36072 - Unspecified vulnerability in Silverwaregames 1.1.8

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

high complexity

silverwaregames

NVD

Published: 2022-09-06

Updated: 2023-07-21

Summary

SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the `0e` symbols were being handled as zero multiplied with the `e` number. Therefore, the hash value was equal to 0. The maintainers fixed this in version 1.1.9 by using `===` instead of `==` in comparisons where it is possible (e.g. on sign in/sign up handlers).

Vulnerable Configurations

Part	Description	Count
Application	Silverwaregames Silverwaregames Silverwaregames - Silverwaregames Silverwaregames 1.1.8	2

References

https://github.com/mesosoi/silverwaregames-io-issue-tracker/security/advisories/GHSA-w4wq-7j4q-j2fh