5
CVSSv2

CVE-2018-19548

Published: 26/11/2018 Updated: 28/01/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm[username] and LoginForm[password] parameters, which might make it easier for remote malicious users to obtain access via a brute-force approach.

Vulnerability Trend

Affected Products

Vendor Product Versions
RudrasoftechEdusec4.2.6