← Back

2 Factor Authentication

2_factor_authentication

Vendor: Lmsdoctor • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-28601
1Lmsdoctor
12 Factor Authentication
Nov 21, 2024
May 10, 2022
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file. Therefore, allo...Show more
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file. Therefore, allowing them to bypass the phone verification mechanism.Show less
CVE-2022-28986
1Lmsdoctor
12 Factor Authentication
Nov 21, 2024
May 10, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, pas...Show more
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts.Show less