Security vulnerabilities in Loginizer (1)


  • DOS through IP spoofing – (Loginizer <= 1.7.3)

    An attacker can ban arbitrary IP addresses on the target side by spoofing HTTP headers. This can be exploited to ban search-engine crawlers, the site’s reverse proxy, or legitimate users.