ColdFusionX (Mayank Deshmukh) - Security Researcher

CVE-2019-17240 NOMISEC CRITICAL WORKING POC

Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass via X-Forwarded-For Header

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.

2 stars

CVSS 9.8

View Code

CVE-2019-17240 NOMISEC CRITICAL WORKING POC

Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass via X-Forwarded-For Header

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.

1 stars

CVSS 9.8

View Code

CVE-2019-17240 EXPLOITDB CRITICAL python WORKING POC

Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass via X-Forwarded-For Header

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.

CVSS 9.8

View Code