Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brute force vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-2599
The Anti-Malware Security and Brute-Force Firewall WordPress plugin prior to 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
4.8
CVSSv3
CVE-2021-25101
The Anti-Malware Security and Brute-Force Firewall WordPress plugin prior to 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of an admin page, leading to a Reflected Cross-Site scripting. Due to the presence of specific parameter value, ...
Anti-malware Security And Brute-force Firewall Project Anti-malware Security And Brute-force Firewall
6.1
CVSSv3
CVE-2022-0953
The Anti-Malware Security and Brute-Force Firewall WordPress plugin prior to 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
Download Anti-malware Security And Brute-force Firewall Project Download Anti-malware Security And Brute-force Firewall
8.8
CVSSv3
CVE-2014-5034
Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote malicious users to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protec...
Fresh-media Brute Force Login Protection 1.3
3.7
CVSSv3
CVE-2020-29042
An issue exists in BigBlueButton up to and including 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.
Bigbluebutton Bigbluebutton
9.8
CVSSv3
CVE-2023-40834
OpenCart CMS v4.0.2.2 exists to lack a protective mechanism on its login page against excessive login attempts, allowing unauthenticated malicious users to gain access to the application via a brute force attack to the password parameter.
Opencart Opencart 4.0.2.2
9.8
CVSSv3
CVE-2019-15929
In Craft CMS up to and including 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them.
Craftcms Craft Cms
NA
CVE-2001-1528
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote malicious users to determine the existence of valid account numbers via a brute force attack.
Amtote Homebet -
1 EDB exploit
8.8
CVSSv3
CVE-2023-43320
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated malicious user to escalate privileges via bypassing the two-factor authentication component.
Proxmox Backup Server
Proxmox Proxmox Mail Gateway
Proxmox Virtual Environment
9.8
CVSSv3
CVE-2001-1339
Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote malicious users to conduct brute force password guessing attacks.
Anybus Ipc@chip Firmware -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
local
IMAP
CVE-2024-8504
CVE-2024-42327
CVE-2024-11904
CVE-2024-47107
CVE-2024-53143
XML injection
CVE-2024-54750
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »