PT-2020-19936 · Usebb Team · Usebb

Xavi · Published 2020-01-27 · Updated 2021-07-21 · CVE-2020-8088

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

UseBB version 1.0.12

Description

The issue allows for a login bypass due to type juggling in the panel login.php file. This occurs because the != operator is used instead of !== for password hashes, leading to mishandling of hashes that begin with 0e followed by exclusively numerical characters.

Recommendations

For UseBB version 1.0.12, consider modifying the panel login.php file to use the !== operator instead of != for password hash comparisons to prevent type juggling attacks. As a temporary workaround, restrict access to the login functionality until the issue is resolved.
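
The loose comparison described above, next to the recommended strict one, as an added PHP example (not UseBB's code and not part of the original advisory). The function names and the hash-shaped strings are constructed for illustration; hash_equals() is PHP's built-in constant-time comparison, shown as a further option alongside the !== operator the advisory recommends.

```php
<?php
// Added illustration; not UseBB source. Every hash value below is a
// constructed hash-shaped string, not the digest of any real password.

// Loose check, the pattern the advisory describes: "!=" converts two
// numeric-looking strings to numbers before comparing them, so any two
// "0e<digits>" strings both become 0 * 10^n = 0 and count as equal.
function loose_mismatch(string $stored, string $supplied): bool {
    return $stored != $supplied;
}

// Strict check, the advisory's recommendation: "!==" compares the two
// strings as strings, with no numeric conversion.
function strict_mismatch(string $stored, string $supplied): bool {
    return $stored !== $supplied;
}

// Constant-time variant using the built-in hash_equals() (PHP >= 5.6).
function constant_time_mismatch(string $stored, string $supplied): bool {
    return !hash_equals($stored, $supplied);
}

// Audit helper: true when a stored hash reads as scientific notation for
// zero ("0e" followed only by digits) and is exposed to the loose check.
function is_juggling_prone(string $hash): bool {
    return preg_match('/\A0+e[0-9]+\z/i', $hash) === 1;
}

$stored = '0e123456789012345678901234567890';            // constructed
$cases  = [
    'same value'        => '0e123456789012345678901234567890',
    'different 0e hash' => '0e987654321098765432109876543210',
    'ordinary hash'     => 'a3f09c1e7b2d4586f0e1d2c3b4a59687',
];

// Print the login decision each comparison style would make per case.
foreach ($cases as $label => $supplied) {
    printf("%-18s loose:%s strict:%s hash_equals:%s\n", $label,
        loose_mismatch($stored, $supplied) ? 'reject' : 'accept',
        strict_mismatch($stored, $supplied) ? 'reject' : 'accept',
        constant_time_mismatch($stored, $supplied) ? 'reject' : 'accept');
}
printf("stored hash prone to juggling: %s\n",
    is_juggling_prone($stored) ? 'yes' : 'no');
```

Running is_juggling_prone() over the stored hash column identifies which existing accounts are exposed while the loose comparison is still deployed.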


Related Identifiers

CVE-2020-8088

Affected Products

Usebb