Unrated severityNVD Advisory· Published Jan 3, 2021· Updated Aug 4, 2024
CVE-2020-35952
CVE-2020-35952
Description
login.php in PHPFusion (aka PHP-Fusion) Andromeda 9.x before 2020-12-30 generates error messages that distinguish between incorrect username and incorrect password (i.e., not a single "Incorrect username or password" message in both cases), which might allow enumeration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PHP-Fusion/PHP-Fusion Andromedadescription
Patches
Vulnerability mechanics
References
1- github.com/PHPFusion/PHPFusion/issues/2346mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.