CVE-2023-53878

Member Login Script 3.3 Client-Side Request Desynchronization Vulnerability

Description

Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.

INFO

Published Date :

2025-12-15T20:28:18.174Z

Last Modified :

2025-12-15T21:47:32.922Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2023-53878 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53878.

URL	Resource
https://www.exploit-db.com/exploits/51710
https://www.phpjabbers.com/member-login-script/
https://www.vulncheck.com/advisories/member-login-script-client-side-request-desynchronization-vulnerability

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability