Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

brute force vulnerabilities and exploits

(subscribe to this query)

4.8
CVSSv3
CVE-2021-25101
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of an admin page, leading to a Reflected Cross-Site scripting. Due to the presence of specific parameter value,...
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
7.2
CVE-2022-4327
This issue does not bear any security risk as it's only exploitable by users with administrator or super-administrator roles, who can already do what they want on their site....
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
6.1
CVSSv3
CVE-2022-0953
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters...
Download Anti-malware Security And Brute-force Firewall Project Download Anti-malware Security And Brute-force Firewall
6.1
CVE-2022-2599
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting...
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
8.8
CVSSv3
CVE-2014-5034
Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection...
Fresh-media Brute Force Login Protection 1.3
9.8
CVE-2022-27516
User login brute force protection functionality bypass...
Citrix GatewayCitrix Application Delivery Controller Firmware
9.8
CVSSv3
CVE-2020-11052
In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. The brute force protection submodule will prevent a brute force attack for the defined lockout period, but once expired, protection will not be re-enabled until a user...
Sorcery Project Sorcery
9.8
CVSSv3
CVE-2019-14299
Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force....
Ricoh Sp C250sf FirmwareRicoh Sp C252sf FirmwareRicoh Sp C250dn Firmware 1.05Ricoh Sp C252dn Firmware
9.8
CVSSv3
CVE-2014-5381
Grand MA 300 allows a brute-force attack on the PIN....
Granding Grand Ma300 Firmware 6.60
9.8
CVSSv3
CVE-2019-18985
Pimcore before 6.2.2 lacks brute force protection for the 2FA token....
Pimcore Pimcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelessSQLCVE-2023-1454overflowCVE-2022-48425CVE-2023-25064CVE-2023-28107
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook