CVE-2020-19111: there is a login bypass vulnerability in admin_verify.php · Issue #14 · projectworldsofficial/online-book-store-project-in-php
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote malicious user bypass authentication and obtain sensitive information.
Version: 1.0
No login required.
View the source code of admin_verify.php:
The check is: if the submitted login name and password are both different from the query result, the password or user name is reported as wrong.
This is obviously wrong. With this logic, you can log in successfully as long as either the user name or the password matches.
We test with the login name admin and an arbitrary password:
Login success!
Suggestion: change this code to
if($name != $row['name'] || $pass != $row['pass']){
Author: [email protected]
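The flawed check and the suggested fix side by side, as an added example that is not the project's own code. The original `&&` form of the condition, the shape of `$row`, and the hashed-password variant are assumptions based on the report's description.

```php
<?php
// Added example modelling the admin_verify.php logic described in the report.
// Constructed stand-in for the row the login query returns (assumed shape).
$row = ['name' => 'admin', 'pass' => 'correct-horse'];

// Assumed vulnerable form: rejects only when BOTH fields mismatch, so a
// correct user name with an arbitrary password is accepted.
function vulnerable_check(array $row, string $name, string $pass): bool {
    if ($name != $row['name'] && $pass != $row['pass']) {
        return false; // "password or user name is wrong"
    }
    return true;
}

// Fix suggested in the report: reject when EITHER field mismatches.
function fixed_check(array $row, string $name, string $pass): bool {
    if ($name != $row['name'] || $pass != $row['pass']) {
        return false;
    }
    return true;
}

// Stricter variant (assumed schema change): strict name comparison and
// password_verify() against a password_hash() value instead of plaintext.
function hardened_check(array $row, string $name, string $pass): bool {
    return $name === $row['name'] && password_verify($pass, $row['pass_hash']);
}

$hashedRow = [
    'name'      => 'admin',
    'pass_hash' => password_hash('correct-horse', PASSWORD_DEFAULT),
];

// admin/wrong and guest/correct-horse are accepted by the vulnerable check
// only; the fixed and hardened checks accept just admin/correct-horse.
$attempts = [['admin', 'correct-horse'], ['admin', 'wrong'], ['guest', 'correct-horse']];
foreach ($attempts as [$n, $p]) {
    printf("%-6s/%-14s vulnerable=%s fixed=%s hardened=%s\n", $n, $p,
        var_export(vulnerable_check($row, $n, $p), true),
        var_export(fixed_check($row, $n, $p), true),
        var_export(hardened_check($hashedRow, $n, $p), true));
}
```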