exploitDog

GHSA-h9vj-4r4f-c87f

Опубликовано: 27 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.

In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.

Ссылки

EPSS

Процентиль: 61%

0.00415

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-843

Связанные уязвимости

CVE-2023-43154

CVSS3: 9.8

nvd

больше 2 лет назад

In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.

EPSS

Процентиль: 61%

0.00415

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-843