Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to identify existing users and perform brute-force password attacks on the Portal, as demonstrated by navigating to the user/4 URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gleez CMS 安全漏洞
Vulnerability Description
Gleez CMS是一套基于Kohana框架的可扩展的开源内容管理系统(CMS)。 Gleez CMS 1.2.0版本中的登录页面存在安全漏洞,该漏洞源于程序没有充分地执行服务器端访问控制并限制登录的次数。攻击者可通过发送被修改的登录请求利用该漏洞确定已存在的用户并实施暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A