brute force vulnerabilities and exploits

(subscribe to this query)

3.5

CVSSv2

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of an admin page, leading to a Reflected Cross-Site scripting. Due to the presence of specific parameter value,...

Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall

4.3

CVSSv2

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters...

Download Anti-malware Security And Brute-force Firewall Project Download Anti-malware Security And Brute-force Firewall

NA

The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting...

Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall1 Github repository available

6.8

CVSSv2

Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection...

Fresh-media Brute Force Login Protection 1.3

NA

User login brute force protection functionality bypass ...

Citrix Gateway Citrix Application Delivery Controller Firmware

NA

OpenCart v4.0.2.2 is vulnerable to Brute Force Attack....

Opencart Opencart 4.0.2.2

5

CVSSv2

In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. The brute force protection submodule will prevent a brute force attack for the defined lockout period, but once expired, protection will not be re-enabled until a user...

Sorcery Project Sorcery

5

CVSSv2

Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force....

Ricoh Sp C250sf Firmware Ricoh Sp C252sf Firmware Ricoh Sp C250dn Firmware 1.05 Ricoh Sp C252dn Firmware

5

CVSSv2

Grand MA 300 allows a brute-force attack on the PIN....

Granding Grand Ma300 Firmware 6.601 EDB exploit available

7.2

CVSSv2

The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password....

Cryptsetup Project Cryptsetup3 Github repositories available3 Articles available

Get Started

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook