Phpabook Project: >> Phpabook >> 0.9 Security Vulnerabilities
An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-02-03