AttackerKB: AKB:B021CDC9-578D-4BA9-A4C0-365AB190753F
Feb 03, 2020 - 12:00 a.m.

CVE-2020-8510

attackerkb.com

EPSS: 0.003 (Low), percentile 71.1%

An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can log in as any user without a password.
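The flaw above is a client-supplied cookie trusted as proof of identity and privilege. As an added example (not phpABook code and not from the original entry), the sketch below binds the same `user+perms+lang` payload to a server-side HMAC key so that a value the client made up or edited is rejected; the function names, the `|` separator and the field patterns are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; the key never leaves the server.
function issue_userinfo(string $user, int $perms, string $lang, string $key): string
{
    // Restrict fields so the '+' delimiter and '|' separator stay unambiguous.
    if (!preg_match('/^[A-Za-z0-9_.-]{1,64}$/', $user) || !preg_match('/^[a-z]{2}$/', $lang)) {
        throw new InvalidArgumentException('invalid field');
    }
    $payload = $user . '+' . $perms . '+' . $lang;
    return $payload . '|' . hash_hmac('sha256', $payload, $key);
}

function verify_userinfo(string $cookie, string $key): ?array
{
    $sep = strrpos($cookie, '|');
    if ($sep === false) {
        return null; // bare "user+perms+lang" with no tag: never trusted
    }
    $payload = substr($cookie, 0, $sep);
    $tag = substr($cookie, $sep + 1);
    // Recompute the tag and compare in constant time.
    if (!hash_equals(hash_hmac('sha256', $payload, $key), $tag)) {
        return null;
    }
    $parts = explode('+', $payload);
    if (count($parts) !== 3 || !ctype_digit($parts[1])) {
        return null;
    }
    return ['user' => $parts[0], 'perms' => (int) $parts[1], 'lang' => $parts[2]];
}

// Constructed demo inputs; in a deployment the key is loaded from server config.
$key = random_bytes(32);
$issued = issue_userinfo('alice', 0, 'en', $key);

var_dump(verify_userinfo($issued, $key));                              // server-issued value
var_dump(verify_userinfo('admin+1+en', $key));                         // client-made value from the advisory
var_dump(verify_userinfo(str_replace('+0+', '+1+', $issued), $key));   // perms field edited after issuance
```

A signed cookie still carries no expiry or revocation, so keeping identity and permissions in a server-side session and sending only a random session ID remains the stronger design.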

Recent assessments:

horshark at March 09, 2020 8:27pm UTC reported:

CVE in SourceForge project phpABook V0.9i (<https://sourceforge.net/projects/phpabook/>)

Bypass auth through creation or modification of a cookie…

Cookie named userinfo has its value set as user+perms+lang.
Possibility to authenticate as a regular or privileged user with perms.

0xEmma at March 15, 2020 7:00pm UTC reported:

CVE in SourceForge project phpABook V0.9i (<https://sourceforge.net/projects/phpabook/>)

Bypass auth through creation or modification of a cookie…

Cookie named userinfo has its value set as user+perms+lang.
Possibility to authenticate as a regular or privileged user with perms.

Assessed Attacker Value: 5
