PoC for the type confusion vulnerability in Mac's CMS that results in authentication bypass and administrator account takeover.
CVE-2023-43154 - Macs Framework v114f CMS Type Confusion Vulnerability Table of Contents Overview Proof of Concept Technical Debrief Mitigation Overview CVE-ID: CVE-2023-43154 CVSS 31: 98 Vulnerability Description: A loose comparison in the isValidLogin() function results in a PHP type confusion vulnerability that can be abused to bypass authentication and takeover the ad