7 matches found
PT-2024-40392 · Laravel · Laravel
Name of the Vulnerable Software and Affected Versions: Laravel versions prior to 4.1.26 Description: The issue concerns the security of "remember me" cookies. If a remember cookie was hijacked by another malicious user, the cookie would remain valid for a long period of time, even after the true...
PT-2024-40420 · Laravel · Laravel
Name of the Vulnerable Software and Affected Versions: Laravel versions prior to 4.1.26 Description: The issue concerns the security of "remember me" cookies. If a remember cookie was hijacked by another malicious user, the cookie would remain valid for a long period of time, even after the true...
CVE-2024-25844
An issue was discovered in Common-Services "So Flexibilite" soflexibilite module for PrestaShop before version 4.1.26, allows remote attackers to escalate privileges and obtain sensitive information via debug file...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image scaling. A security vulnerability previously existed in PrestaShop So Flexibilite version 4.1.26, which stemmed from a...
PT-2024-21153 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 4.1.26 Description: The issue allows a guest or authenticated customer to perform Cross Site Scripting XSS injection in the "So Flexibilite" module from Common-Services. Recommendations: For PrestaShop versions...
WordPress Multiple Vulnerabilities (Mar 2019) - Windows
WordPress is prone to a cross-site request forgery CSRF vulnerability in a comment form which leads to HTML injection and cross-site scripting XSS attacks. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was...