An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value admin+1+en (user+perms+lang), one can log in as any user without a password.
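The root cause described above is that the server trusts every field of the userInfo cookie, including the permission level. The Python below is an added example, not phpABook code: it sets the flawed parse beside a hardened one in which the cookie carries only user and language under an HMAC tag, and perms are looked up server side. USERS, SECRET and the cookie layout are constructed for the demo.

```python
import hmac
import hashlib

# Constructed server-side user store: the permission level must come from
# here, never from a client-controlled value.
USERS = {"admin": 1, "guest": 0}
# Assumption: a per-deployment secret stored outside the web root.
SECRET = b"constructed-demo-key"


def parse_userinfo_unsafe(cookie: str) -> dict:
    """Mirrors the flawed pattern: user, perms and lang are all trusted as sent."""
    user, perms, lang = cookie.split("+", 2)
    return {"user": user, "perms": int(perms), "lang": lang}


def issue_userinfo(user: str, lang: str) -> str:
    """Hardened issuer: only user and lang travel in the cookie, bound to an HMAC tag."""
    if "+" in user or "." in user:
        raise ValueError("separator characters are not allowed in a username")
    payload = f"{user}+{lang}"
    tag = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{tag}"


def parse_userinfo_safe(cookie: str):
    """Returns the session dict only if the tag verifies; perms come from USERS."""
    payload, sep, tag = cookie.rpartition(".")
    if not sep:
        return None  # no tag at all, e.g. a hand-made 'admin+1+en' value
    expected = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None  # payload was forged or tampered with
    user, _, lang = payload.partition("+")
    if user not in USERS:
        return None
    return {"user": user, "perms": USERS[user], "lang": lang}
```

Moving to a server-side session store gives the same effect without any client-held state; the signed cookie is shown because it keeps the original cookie-based design.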
Recent assessments:
horshark at March 09, 2020 8:27pm UTC reported:
CVE in SourceForge project phpABook V0.9i (<https://sourceforge.net/projects/phpabook/>)
Bypass auth through creation or modification of a cookie…
Cookie named userinfo has its value set as user+perms+lang.
Possibility to authenticate as a regular or privileged user with perms.
0xEmma at March 15, 2020 7:00pm UTC reported:
CVE in SourceForge project phpABook V0.9i (<https://sourceforge.net/projects/phpabook/>)
Bypass auth through creation or modification of a cookie…
Cookie named userinfo has its value set as user+perms+lang.
Possibility to authenticate as a regular or privileged user with perms.
Assessed Attacker Value: 5