3 matches found
GHSA-GC7Q-JGJV-VJR2 Keycloak Services has a potential bypass of brute force protection
If an attacker launches many login attempts in parallel then the attacker can have more guesses at a password than the brute force protection configuration permits. This is due to the brute force check occurring before the brute force protector has locked the user. Acknowledgements: Special thank...
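A series of security risks caused by one small lapse in rigor in WDCP
Brief description: Asking for a "thunder" rating, asking for a "thunder" rating. WDCP seems to have a lot of users, and plenty of sellers on a certain "Bao" marketplace use wdcp as the control panel for the hosting space they sell... One small lapse in rigor in WDCP means that the IP recorded for both successful and failed logins can be forged, the "login lockout" feature is bypassed, login records cannot be viewed in the front end, strange creatures get mixed in, and there is assorted XSS. Detailed description: This vulnerability digs deeper into WooYun: The login IP of the WDCP admin backend can be forged. System information System name: WDlinux Control Panel, abbreviated wdCP WD subscription Current version: wdcpv2.5.1120140926 Latest: wdcpv2.5.1120140926 Changelog Operating system: Linux 2.6.18-308.el5...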
VisualSite CMS 1.3 - Multiple Vulnerabilities
No description provided by source. http://www.exploit-db.com/moaub-25-visualsite-cms-multiple-vulnerabilities/ Abysssec Inc Public Advisory Title : VisualSite CMS Multiple...