Lucene search
K

4 matches found

OSV
OSV
added 2022/05/17 12:53 a.m.16 views

GHSA-2M9R-PM7Q-WR6F GeniXCMS denial of service (account blockage)

GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service account blockage by leveraging the mishandling of certain username substring relationships, such as the admin username versus the admin username, related to register.php, User.class.php, and Type.class.php...

5.3CVSS5.2AI score0.01421EPSS
Exploits1References5
OSV
OSV
added 2019/08/15 5:15 p.m.1 views

UBUNTU-CVE-2019-11187

Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided...

9.8CVSS7.4AI score0.01749EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/09/10 7:0 a.m.25 views

CVE-2017-14231

GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service account blockage by leveraging the mishandling of certain username substring relationships, such as the admin username versus the admin username, related to register.php, User.class.php, and Type.class.php...

5.3AI score0.01421EPSS
Exploits1References2
CVE
CVE
added 2017/09/10 7:0 a.m.62 views

CVE-2017-14231

GeniXCMS before 1.1.0 is vulnerable to denial of service (account blockage) caused by mishandling of certain username substring relationships (e.g., admin[removed] vs admin) in registration logic. The issue affects register.php, User.class.php, and Type.class.php, and can be triggered remotely to...

5.3CVSS5.2AI score0.01421EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder