QwikSec

Security Database

CVE

CWE

Training

CVE-2023-53878

Published: Dec 15, 2025

Modified: May 12, 2026

PUBLISHED

Description

Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.

Vendor	Product	Versions
Phpjabbers	Member Login Script	affected `3.3`

Weaknesses (CWE)

References

ExploitDB-51710

exploit

Product Webpage

product

VulnCheck Advisory: Member Login Script 3.3 Client-Side Request Desynchronization Vulnerability

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.