Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
brute force vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-25101
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of an admin page, leading to a Reflected Cross-Site scripting. Due to the presence of specific parameter value,...
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
7.2
CVE-2022-4327
This issue does not bear any security risk as it's only exploitable by users with administrator or super-administrator roles, who can already do what they want on their site....
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
6.1
CVSSv3
CVE-2022-0953
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters...
Download Anti-malware Security And Brute-force Firewall Project Download Anti-malware Security And Brute-force Firewall
6.1
CVE-2022-2599
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting...
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
1 Github repository available
8.8
CVSSv3
CVE-2014-5034
Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection...
Fresh-media Brute Force Login Protection 1.3
9.8
CVE-2022-27516
User login brute force protection functionality bypass...
Citrix Gateway
Citrix Application Delivery Controller Firmware
1 Github repository available
9.8
CVSSv3
CVE-2020-11052
In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. The brute force protection submodule will prevent a brute force attack for the defined lockout period, but once expired, protection will not be re-enabled until a user...
Sorcery Project Sorcery
9.8
CVSSv3
CVE-2019-14299
Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force....
Ricoh Sp C250sf Firmware
Ricoh Sp C252sf Firmware
Ricoh Sp C250dn Firmware 1.05
Ricoh Sp C252dn Firmware
9.8
CVSSv3
CVE-2014-5381
Grand MA 300 allows a brute-force attack on the PIN....
Granding Grand Ma300 Firmware 6.60
1 EDB exploit available
9.8
CVSSv3
CVE-2019-18985
Pimcore before 6.2.2 lacks brute force protection for the 2FA token....
Pimcore Pimcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
wireless
SQL
CVE-2023-1454
overflow
CVE-2022-48425
CVE-2023-25064
CVE-2023-28107
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »