RSS   Vulnerabilities for 'Amberdms billing system'   RSS

2014-01-10
 
CVE-2010-5292

CWE-200
 

 
Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the include/cron/services_usage.php cron job.

 
 
CVE-2010-5291

CWE-264
 

 
Amberdms Billing System (ABS) before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

 


Copyright 2017, cxsecurity.com

 

Back to Top