Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)

Description

The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.

Remediation

References

Related Vulnerabilities

Drupal Resource Management Errors Vulnerability (CVE-2012-1588)

WordPress Plugin WP Membership Multiple Vulnerabilities (1.2.3)

TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-41113)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7568)

WordPress Plugin Contact Form 7 Database Addon-CFDB7 Unspecified Vulnerability (1.2.5.7)

Severity

Critical

Classification

CVE-2020-7995 CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities