Member Login Script Client-Side Request Desynchronization Vulnerability
Vulnerability
A client-side desynchronization vulnerability has been identified in Member Login Script version 3.3. It allows attackers to manipulate how HTTP requests are handled by exploiting the way the Content-Length header is parsed. By sending crafted POST requests whose bodies carry a smuggled secondary request, attackers could potentially bypass server-side request processing controls.
Impact
Exploitation of this vulnerability could lead to HTTP request/response smuggling, allowing attackers to manipulate request handling and potentially bypass server-side request processing controls.
Reproduction
To reproduce this vulnerability, send a POST request to the application's index.php file with a Content-Length header that exceeds the actual length of the body. Include a smuggled GET request in the body. The server will misinterpret the Content-Length, allowing the smuggled request to be processed as a separate request.
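A triage check for captured requests that match the pattern described under Reproduction, added here as an example and not part of the original advisory or of Member Login Script. It flags a request whose declared Content-Length disagrees with the captured body or whose body carries an HTTP request line. The function name, finding labels, host and the /placeholder path are assumptions, and the sample requests are constructed.

```python
import re

# An HTTP/1.x request line sitting on its own line inside a message body.
REQUEST_LINE = re.compile(
    rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \S+ HTTP/1\.[01]\r?$", re.M)

def inspect_request(raw):
    """Return sorted findings for one captured HTTP/1.1 request (bytes)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return ["incomplete-headers"]
    lengths = set()
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            lengths.add(value.strip())
    findings = set()
    if len(lengths) > 1:
        findings.add("conflicting-content-length")
    for value in lengths:
        if not value.isdigit():
            findings.add("malformed-content-length")
        elif int(value) != len(body):
            # Declared length disagrees with the bytes actually captured.
            findings.add("content-length-mismatch")
    if REQUEST_LINE.search(body):
        # Heuristic: bodies that quote HTTP legitimately will also match.
        findings.add("embedded-request-line")
    return sorted(findings)

# Constructed samples, not captured traffic; host and second path are placeholders.
BENIGN = (b"POST /index.php HTTP/1.1\r\nHost: app.example\r\n"
          b"Content-Type: application/x-www-form-urlencoded\r\n"
          b"Content-Length: 19\r\n\r\nuser=alice&pass=xyz")
SUSPECT = (b"POST /index.php HTTP/1.1\r\nHost: app.example\r\n"
           b"Content-Length: 60\r\n\r\n"
           b"GET /placeholder HTTP/1.1\r\nX: y")

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, inspect_request(sample))
```

A length mismatch alone can also come from a truncated capture, so treat the two findings together as the stronger signal.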
