5.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-14231

GHSA ID

GHSA-2m9r-pm7q-wr6f

EPSS Score

0.6874%

CWE

CWE-20

Published

5/17/2022

Updated

4/25/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-14231

CVE-2017-14231: GeniXCMS denial of service (account blockage)

GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service (account blockage) by leveraging the mishandling of certain username substring relationships, such as the admin<script> username versus the admin username, related to register.php, User.class.php, and Type.class.php.

(GitHub Advisory)

5.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-14231

GHSA ID

GHSA-2m9r-pm7q-wr6f

EPSS Score

0.6874%

CWE

CWE-20

Published

5/17/2022

Updated

4/25/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
genix/cms	composer	< 1.1.0	1.1.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

**niX*MS ***or* *.*.* *llows r*mot* *tt**k*rs to **us* * **ni*l o* s*rvi** (***ount *lo*k***) *y l*v*r**in* t** mis**n*lin* o* **rt*in us*rn*m* su*strin* r*l*tions*ips, su** *s t** **min<s*ript> us*rn*m* v*rsus t** **min us*rn*m*, r*l*t** to r**ist*r

Reasoning

No *n*lysis *v*il**l*

5.3

Basic Information

Concerned about an active attack path?

CVE-2017-14231: GeniXCMS denial of service (account blockage)

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI