10 matches found
Vikunja has a Rate-Limit Bypass for Unauthenticated Users via Spoofed Headers
Summary Unauthenticated users are able to bypass the application's built-in rate-limits by spoofing the X-Forwarded-For or X-Real-IP headers due to the rate-limit relying on the value of echo.Context.RealIP. Details In the first file below, the rate-limit for unauthenticated users can be observed...
EUVD-2020-4945
Malware in sbrugna...
EUVD-2021-26485
Malware in sbrugna...
EUVD-2024-49784
Malicious code in bioql PyPI...
CVE-2024-9199
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of service DoS...
CVE-2024-9199
CVE-2024-9199 affects Clibo Manager v1.1.9.2. The issue is a rate-limit vulnerability in the email-sending flow, which could allow an attacker to flood recipients with emails in a short period and cause a DoS by impacting availability. Public sources consistently reference the vulnerability in Cl...
PT-2024-39483 · Unknown · Clibo Manager
Name of the Vulnerable Software and Affected Versions: Clibo Manager version 1.1.9.2 Description: The issue is related to a rate limit vulnerability that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of servi...
PHPJabbers Cinema Booking System Security Vulnerability
PHPJabbers Cinema Booking System is a theater booking system from PHPJabbers. A security vulnerability exists in PHPJabbers Cinema Booking System version 1.0, which stems from a lost rate limit vulnerability...
PHPJabbers Event Booking Calendar Security Vulnerability
PHPJabbers Event Booking Calendar is an event calendar application. A security vulnerability exists in PHPJabbers Event Booking Calendar version 4.0, which stems from the presence of multiple lost rate limit vulnerabilities...
PHPJabbers Meeting Room Booking System Security Vulnerability
PHPJabbers Meeting Room Booking System is a meeting room booking system from the Serbian company PHPJabbers. A security vulnerability exists in PHPJabbers Meeting Room Booking System version 1.0, which originates from a lost rate limit vulnerability...