glFusion prior to 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote malicious users to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be leveraged with a separate SQL injection vulnerability to steal hashes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
glfusion glfusion 1.1.0 |
||
glfusion glfusion 1.0.0 |
||
glfusion glfusion 1.0.1 |
||
glfusion glfusion 1.0.2 |
||
glfusion glfusion 1.1.1 |
||
glfusion glfusion |