Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP-Fusion Vulnerability - CVE-2020-35952 - Vulnerability Database
PHP-Fusion

PHP-Fusion Vulnerability - CVE-2020-35952

Medium
Reference: CVE-2020-35952
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-35952
Title: PHP-Fusion Vulnerability
Overview:

login.php in PHPFusion (aka PHP-Fusion) Andromeda 9.x before 2020-12-30 generates error messages that distinguish between incorrect username and incorrect password (i.e. not a single quotIncorrect username or passwordquot message in both cases) which might allow enumeration.