3 matches found
CVE-2025-47776 MantisBT: Authentication bypass for some passwords due to PHP type juggling
Mantis Bug Tracker MantisBT is an open source issue tracker. Due to incorrect use of loose == instead of strict === comparison in the authentication code in versions 2.27.1 and below.PHP type juggling will cause certain MD5 hashes matching scientific notation to be interpreted as numbers. Instanc...
GHSA-4V8W-GG5J-PH37 MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling
Due to an incorrect use of loose == instead of strict === comparison in the authentication code1, PHP type juggling will cause interpretation of certain MD5 hashes as numbers, specifically those matching scientific notation. 1:...
RTTucson Quotations Database Script - Authentication Bypass
RTTucson Quotations Database Script Auth Bypass SQL Injection Vulnerability By cr4wl3r http://bastardlabs.info Script: http://www.rttucson.com/files.html Bugs found /quotations/admin/include/login.php --------------------------- 36 if $POST'submit' 37 38 $Username = $POST'Username'; 39 $Password ...