CVE-2014-9006

Name of the Vulnerable Software and Affected Versions Monstra versions 3.0.1 and earlier

Description The issue allows remote attackers to conduct brute force login attacks. This is possible because Monstra uses a cookie to track the number of login attempts, and an attacker can manipulate this by deleting the login attempts cookie or setting it to specific values.

Recommendations For Monstra versions 3.0.1 and earlier, consider implementing additional security measures to prevent brute force login attacks, such as restricting access to the login functionality after a certain number of failed attempts or using a more secure method to track login attempts. At the moment, there is no information about a newer version that contains a fix for this issue.