Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2017-11187)

Description

phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly.

Remediation

References

Related Vulnerabilities

WordPress Plugin VideoWhisper Video Conference Integration Arbitrary File Upload (4.91.8)

Plone CMS Improper Input Validation Vulnerability (CVE-2013-4195)

Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4)

MySQL CVE-2022-21321 Vulnerability (CVE-2022-21321)

MediaWiki Improper Input Validation Vulnerability (CVE-2010-1189)

Severity

Critical

Classification

CVE-2017-11187 CWE-307 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities