ENTAB ERP 1.0 allows malicious users to discover users' full names via a brute force attack with a series of student usernames such as s10000 through s20000. There is no rate limiting.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
entab erp 1.0 |