Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpList Access of Resource Using Incompatible Type (Type Confusion) Vulnerability - CVE-2020-8547 - Vulnerability Database
phpList

phpList Access of Resource Using Incompatible Type (Type Confusion) Vulnerability - CVE-2020-8547

Critical
Reference: CVE-2020-8547
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-8547
Title: phpList Access of Resource Using Incompatible Type (Type Confusion) Vulnerability
Overview:

phpList 3.5.0 allows type juggling for admin login bypass because is used instead of for password hashes which mishandles hashes that begin with 0e followed by exclusively numerical characters.