d3ndr1t30x / bludithammer
Bludit CMS versions up to and including 3.9.2 are vulnerable to a bypass of the anti-brute-force mechanism that blocks users who have made 10 or more incorrect login attempts. Based on a PoC created by rastating in this blog post: https://rastating.github.io/bludit-brute-force-mitigation-bypass/