I just find that, in many places of oscommerce v2.3.4.1, the username and password recheck during registration and other processes can be bypassed easily through the magic string in loose comparison, for example "0e11111" == "0e22222" returns Bool(True). If the user sets the username or password to such magic strings, the recheck process using loose comparison (==) does not work at all.
Affected code locations
Hi,
I just find that, in many places of oscommerce v2.3.4.1, the username and password recheck during registration and other processes can be bypassed easily through the
magic stringin loose comparison, for example"0e11111" == "0e22222"returnsBool(True). If the user sets the username or password to such magic strings, the recheck process using loose comparison (==) does not work at all. Affected code locationsand some other files in
catalog/password_reset.php,catalog/create_account.phpandcatalog/ext/modules/content/account/set_password.php