mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 00:49:28 +02:00
0xMarcio
932 B
932 B
CVE-2025-2265
Description
The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte
POC
Reference
Github
No PoCs found on GitHub currently.