PT-2025-16209 · Unknown · Scriptandtools Ecommerce-Website-In-Php

Maloyroyorko

Publicado

2025-04-14

Atualizado

2025-07-17

CVE-2025-3556

CVSS v3.1

8.1

Alta

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ScriptAndTools eCommerce-website-in-PHP version 3.0

Description A problematic vulnerability exists due to improper restriction of excessive authentication attempts. This issue affects an unknown functionality within the /admin/login.php file and can be exploited remotely. The complexity of the attack is considered high, and exploitation appears to be difficult. The vulnerability has been publicly disclosed and is actively exploited. The vendor was notified but did not respond.

Recommendations ScriptAndTools eCommerce-website-in-PHP version 3.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Restriction of Excessive Authentication Attempts

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-799CWE-307

Identificadores relacionados

CVE-2025-3556

Produtos afetados

Scriptandtools Ecommerce-Website-In-Php

PT-2025-16209 · Unknown · Scriptandtools Ecommerce-Website-In-Php

CVE-2025-3556

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13