• Welcome to Simple Machines Community Forum. Please login or sign up.
November 30, 2021, 11:53:17 PM

News:

SMF 2.0.18 has been released! Please update. Read more.


[Minor] "Login after login" bug.

Started by NobodySec, February 23, 2016, 03:59:34 PM

Previous topic - Next topic

NobodySec

February 23, 2016, 03:59:34 PM Last Edit: July 22, 2018, 09:49:04 AM by Gwenwyfar
Hello there! I'm Nobody, today i'm reporting a simple n' minor bug, but a bug is a bug. All bugs are important for me.

This bug consist in login after login, how? This is simple.

Only you need to do is login to your account in a SMF Forum, and after that navigate to "something-url. net/blabla/index.php?action=login".
In the case of Simple Machines Forums: "http://www.simplemachines.org/community/index.php?action=login".
Congratulations! You're now logging after login.

PoC (attached image).

This is all.

(P.S.: Sorry for my (maybe) bad english, i'm from Argentina).

Greetings
Nobody.

Shambles


Antes

That page needs to redirect back to index.php ($scripturl) if user is logged. Funny enough register action does what i said.

NobodySec

Quote from: Antes on February 23, 2016, 04:06:56 PM
That page needs to redirect back to index.php ($scripturl) if user is logged. Funny enough register action does what i said.

I think same. Is the best solution.

Greetings.

Advertisement: