An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.Referenceshttps://github.com/AvaterXXX/laobanCMS/blob/master/1.md#unauthorized-access
