noraj (11)

Last Login: May 08, 2021
Assessments
4
Score
11

noraj's Contributions (4)

Sort by:
Filter by:
1
Ratings
  • Attacker Value
    Medium
  • Exploitability
    Medium
Technical Analysis

Be careful it actually modifies the code of the application.

1
Ratings
  • Attacker Value
    Medium
  • Exploitability
    Medium
Technical Analysis

Be careful it actually modifies the code of the application.

2
Ratings
  • Attacker Value
    Very High
  • Exploitability
    Very High
Technical Analysis

Unauthenticated RCE with default config, this is critical.

3
Ratings
  • Attacker Value
    Low
  • Exploitability
    High
Technical Analysis

This is just a security bypass allowing an attacker to perform a brute-force attack on the authentication form without being blocked after 10 attemps.
So 9.8 CVSS score is way too high for this vuln.