CVE-2023-53894

CRITICAL

phpfm 1.7.9 - Auth Bypass

Title source: llm

Description

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server.

Exploits (1)

exploitdb WORKING POC

by thoughtfault · pythonwebappsphp

https://www.exploit-db.com/exploits/51594

View Code ZIP pw:eip

References (3)

[Product] https://www.dulldusk.com/phpfm/

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/51594

[Third Party Advisory] https://www.vulncheck.com/advisories/phpfm-authentication-bypass-via-type-juggling-vulnerability

Scores

CVSS v3 9.8

EPSS 0.0043

EPSS Percentile 62.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-1390

Status published

Affected Products (1)

dulldusk/phpfilemanager

Timeline

Published Dec 16, 2025

Tracked Since Feb 18, 2026