CVE-2020-23352

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_input_password() uses loose comparison to authenticate, which can be bypassed via magic hash values.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:zblogcn:z-blogphp:1.6.0:*:*:*:*:*:*:*

Information

Published : 2021-01-27 08:15

Updated : 2021-02-04 06:56


NVD link : CVE-2020-23352

Mitre link : CVE-2020-23352


JSON object : View

Advertisement

dedicated server usa

Products Affected

zblogcn

  • z-blogphp