Описание
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.
Ссылки
- Third Party Advisory
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:macs_cms_project:macs_cms:1.1.4f:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00415
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-843
Связанные уязвимости
CVSS3: 9.8
github
больше 2 лет назад
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.
EPSS
Процентиль: 61%
0.00415
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-843