Mask PHP File Manager Cookie Authentication Bypass Vulnerability

Mask PHP File Manager Cookie Authentication Bypass Vulnerability

Mask PHP File Manager (mPFM) is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.

An attacker can exploit this vulnerability to gain administrative access to the affected application; other attacks are also possible.

The issue affects mPFM 2.2d and prior versions.