plugins/box/users/users.plugin.php in Monstra CMS 3.0.4 allows Login Rate Limiting Bypass via manipulation of the login_attempts cookie.
References
Link | Resource |
---|---|
http://abdilahrf.github.io/login-rate-limiting-bypass | Exploit Third Party Advisory |
http://abdilahrf.github.io/login-rate-limiting-bypass | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 03:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://abdilahrf.github.io/login-rate-limiting-bypass - Exploit, Third Party Advisory |
Information
Published : 2018-06-05 11:29
Updated : 2024-11-21 03:43
NVD link : CVE-2018-11678
Mitre link : CVE-2018-11678
CVE.ORG link : CVE-2018-11678
JSON object : View
Products Affected
monstra
- monstra_cms
CWE
CWE-20
Improper Input Validation