CVE-2025-69602

A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...

CVE-2025-69602

A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

PT-2026-5188

Name of the Vulnerable Software and Affected Versions 66biolinks version 62.0.0 Description The application does not regenerate the session identifier after successful authentication, leading to a session fixation issue. This allows an attacker who can set or predict a session ID to potentially...

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVE-2025-69602

A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...

EUVD-2025-206458

A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...

CVE-2025-69602

CVE-2025-69602 describes a session fixation vulnerability in 66biolinks v62.0.0 by AltumCode. The issue arises because the application does not regenerate the session identifier after successful authentication, allowing the same session cookie value to be reused for users authenticating in the sa...

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVE-2025-69602

A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...

EUVD-2025-206457

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

CVE-2025-69602

A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...

CVE-2025-69601

CVE-2025-69601 affects 66biolinks v44.0.0 (AltumCode) in the app’s “Static Sites” feature. A Zip Slip directory traversal occurs when ZIP archives are uploaded, as files are extracted without path validation, allowing traversal sequences (e.g., ../) to write outside the extraction directory. Repo...

CVE-2025-66939

Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...

CVE-2025-66939

Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...

CVE-2025-66939

Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...

CVE-2025-66939

Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...

AltumCode 66biolinks 安全漏洞

AltumCode 66biolinks is a platform builder script from AltumCode, Inc. A security vulnerability exists in AltumCode 66biolinks version v.61.0.1, which stems from improper handling of specially crafted favicon files and could lead to cross-site scripting attacks...

CVE-2025-66939

CVE-2025-66939 is a Cross Site Scripting vulnerability in AltumCode’s 66biolinks, version 61.0.1, where specially crafted favicon files can cause an attacker to execute arbitrary code. The root cause is described as improper handling of favicon files that triggers XSS. The affected software is 66...