admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 01:31:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2019/CVE-2019-17240.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

49 lines
2.2 KiB
Markdown
Raw Blame History

### [CVE-2019-17240](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17240)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
### POC
#### Reference
- http://packetstormsecurity.com/files/158875/Bludit-3.9.2-Authentication-Bruteforce-Mitigation-Bypass.html
- http://packetstormsecurity.com/files/159664/Bludit-3.9.2-Bruteforce-Mitigation-Bypass.html
- https://github.com/bludit/bludit/pull/1090
- https://rastating.github.io/bludit-brute-force-mitigation-bypass/
#### Github
- https://github.com/0xConstant/CVE-2019-16113
- https://github.com/0xT11/CVE-POC
- https://github.com/0xkasra/CVE-2019-16113
- https://github.com/0xkasra/CVE-2019-17240
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CasperGN/tooling
- https://github.com/ColdFusionX/CVE-2019-17240_Bludit-BF-Bypass
- https://github.com/LucaReggiannini/Bludit-3-9-2-bb
- https://github.com/LucaReggiannini/LDS
- https://github.com/LucaReggiannini/local-data-stealer
- https://github.com/MrW0l05zyn/bludit-cms-bypass-brute-force-protection-mechanism
- https://github.com/Sheri98/DictionaryAttackTool
- https://github.com/TikvahTerminator/BluditBruteforce
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/anquanscan/sec-tools
- https://github.com/brunosergi/bloodit
- https://github.com/brunosergi0/bloodit
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/drerx/python-pearls
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/jayngng/bludit-CVE-2019-17240
- https://github.com/mind2hex/CVE-2019-17240
- https://github.com/noraj/Bludit-auth-BF-bypass
- https://github.com/pingport80/CVE-2019-17240
- https://github.com/pwnd-root/exploits-and-stuff
- https://github.com/spyx/cve-2019-17240
- https://github.com/tobor88/Python3-Tools
- https://github.com/triple-octopus/Bludit-CVE-2019-17240-Fork
- https://github.com/zweilosec/python-pearls
Reference in New Issue View Git Blame Copy Permalink