Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass authentication under the specific condition.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
A-blog_cms | Appleple | 2.8.0 (including) | 2.8.74 (excluding) |
A-blog_cms | Appleple | 2.9.0 (including) | 2.9.39 (excluding) |
A-blog_cms | Appleple | 2.10.0 (including) | 2.10.43 (excluding) |
A-blog_cms | Appleple | 2.11.0 (including) | 2.11.41 (excluding) |