22 matches found
CVE-2025-69602
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...
CVE-2025-69601
A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...
CVE-2025-69601
A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...
CVE-2025-69602
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...
EUVD-2025-206458
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...
CVE-2025-69602
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who c...
CVE-2025-69601
A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...
PT-2026-5188
Name of the Vulnerable Software and Affected Versions 66biolinks version 62.0.0 Description The application does not regenerate the session identifier after successful authentication, leading to a session fixation issue. This allows an attacker who can set or predict a session ID to potentially...
AltumCode 66biolinks security vulnerabilities
AltumCode 66biolinks is a platform-building script provided by AltumCode Corporation. The version 44.0.0 of AltumCode 66biolinks contains a security vulnerability. This vulnerability stems from a directory-traversal vulnerability present in the static site functionality, which could lead to...
CVE-2025-69601
CVE-2025-69601 affects 66biolinks v44.0.0 (AltumCode) in the app’s “Static Sites” feature. A Zip Slip directory traversal occurs when ZIP archives are uploaded, as files are extracted without path validation, allowing traversal sequences (e.g., ../) to write outside the extraction directory. Repo...
EUVD-2025-206457
A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...
CVE-2025-69602
CVE-2025-69602 describes a session fixation vulnerability in 66biolinks v62.0.0 by AltumCode. The issue arises because the application does not regenerate the session identifier after successful authentication, allowing the same session cookie value to be reused for users authenticating in the sa...
AltumCode 66biolinks security vulnerabilities
AltumCode 66biolinks is a platform-building script provided by AltumCode Corporation. The version 66biolinks v62.0.0 contains a security vulnerability, which stems from a session fixation vulnerability and could lead to session hijacking...
PT-2026-5187
Name of the Vulnerable Software and Affected Versions 66biolinks version 44.0.0 Description A directory traversal issue exists in the “Static Sites” feature. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences...
CVE-2025-66939
Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...
CVE-2025-66939
Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...
CVE-2025-66939
Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...
CVE-2025-66939
Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...
CVE-2025-66939
Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file...
AltumCode 66biolinks 安全漏洞
AltumCode 66biolinks is a platform builder script from AltumCode, Inc. A security vulnerability exists in AltumCode 66biolinks version v.61.0.1, which stems from improper handling of specially crafted favicon files and could lead to cross-site scripting attacks...