Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bruteforce Protection Bypass in PAD CMS
Vulnerability Description
PAD CMS implements weak client-side brute-force protection by utilizing two cookies: login_count and login_timeout. Information about attempt count or timeout is not stored on the server, which allows a malicious attacker to bypass this brute-force protection by resetting those cookies. This issue affects all 3 templates: www, bip and www+bip. This product is End-Of-Life and producent will not publish patches for this vulnerability.
CVSS Information
N/A
Vulnerability Type
过多认证尝试的限制不恰当
Vulnerability Title
Polska Akademia Dostępności CMS 安全漏洞
Vulnerability Description
Polska Akademia Dostępności CMS是波兰Polska Akademia Dostępności公司的一个无障碍网站内容管理系统。 Polska Akademia Dostępności CMS存在安全漏洞,该漏洞源于客户端暴力破解保护机制薄弱,攻击者可通过重置cookie绕过保护。
CVSS Information
N/A
Vulnerability Type
N/A