Vulnerabilities (CVE)

Filtered by vendor Talelin Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-18701	1 Talelin	1 Lin-cms-flask	2022-07-10	7.5 HIGH	9.8 CRITICAL
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.
CVE-2020-18698	1 Talelin	1 Lin-cms-flask	2022-07-10	5.0 MEDIUM	9.8 CRITICAL
Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'.