
Mrbaseman

#34550 of 53,622
7.5 Total CVSS
Vulnerabilities · 1
PT-2022-25180
7.5
2022-11-15
Wbce Cms · Wbce Cms · CVE-2022-4006
**Name of the Vulnerable Software and Affected Versions**

WBCE CMS (affected versions not specified)

**Description**

A problematic issue has been found in WBCE CMS, affecting the function `increase attempts` of the file `wbce/framework/class.login.php` of the component Header Handler. The manipulation of the argument `X-Forwarded-For` leads to improper restriction of excessive authentication attempts. The attack may be launched remotely.

**Recommendations**

To fix this issue, it is recommended to apply a patch with the name `d394ba39a7bfeb31eda797b6195fd90ef74b2e75`.

As a temporary workaround, consider disabling the `increase attempts` function until a patch is available.

Restrict access to the `wbce/framework/class.login.php` file to minimize the risk of exploitation.

Avoid using the argument `X-Forwarded-For` in the affected component until the issue is resolved.