Student Record System session.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally supplied input in the session parameter of the file /session.php. An attacker can exploit this vulnerability to execute...
CVE-2025-34086
Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend...
CVE-2025-34086
Bolt CMS versions 3.7.0 and earlier are affected by an authenticated remote code execution chain. An authenticated user can inject PHP code into the displayname field, which is rendered unsanitized in backend templates. The attacker can enumerate and rename cached session files via /async/browse/...
CVE-2019-17655
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier, and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on...
CVE-2019-13359
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user...
CVE-2019-14782
CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to make a request to extract the victim's password for the OS...
CVE-2019-15235
CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...
CVE-2018-20914
In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files SEC-368...
CVE-2025-35939
Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at...
libplctag Buffer Error Vulnerability
libplctag is an open source C library that provides a portable and simple API for accessing Allen-Bradley and Modbus PLC data over Ethernet. A buffer error vulnerability exists in libplctag versions 2.0 through 2.6.3, stemming from an out-of-bounds read in the unpackresponse...
Fail to open the recorded session file using the old version Session Recording Player
"The recorded session file requires a newer version of the Session Recording Player for playback" error message was shown when opening the recorded session file. The error message was shown as below...
Classroombookings Security Vulnerability
Classroombookings is a PHP and MySQL based school room booking system by the individual developer Craig A. Rodway. A security vulnerability exists in Classroombookings version 2.8.7: the parameter Name of the file /sessions in the Session Page component can lead to cross-site scripting...
sudo-rs: Path Traversal vulnerability
Impact An issue was discovered where usernames containing the . and / characters could result in the corruption of specific files on the filesystem. As usernames are generally not limited by the characters they can contain, a username appearing to be a relative path can be constructed. For exampl...
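The sudo-rs advisory above describes the general failure: a username is treated as a single path component, but nothing stops it from containing "/" or ".." and so naming a relative path. The block below is an added illustration, not sudo-rs code, showing how a naive join lets such a username escape a per-user directory and one validation that rejects it before any filesystem operation. The base directory `/var/lib/app/users` and the username values are constructed for the example.

```rust
// Added example (not sudo-rs code). Demonstrates, purely lexically and without
// touching the filesystem, how a username shaped like a relative path escapes
// a base directory when joined naively, and how to reject such names.
use std::path::{Component, Path, PathBuf};

/// Naive construction: the username is joined onto the base directory with no
/// validation. With a username such as "../../etc/cron.d/x" the result leaves
/// `base` entirely.
pub fn naive_user_path(base: &str, username: &str) -> PathBuf {
    Path::new(base).join(username)
}

/// Lexically normalizes `p` (resolving "." and "..") and reports whether the
/// result still lies under `base`. Used here only to show the escape; it does
/// not resolve symlinks.
pub fn stays_under_base(base: &str, p: &Path) -> bool {
    let mut out = PathBuf::new();
    for c in p.components() {
        match c {
            Component::ParentDir => {
                out.pop();
            }
            Component::CurDir => {}
            other => out.push(other.as_os_str()),
        }
    }
    out.starts_with(base)
}

/// A username is accepted only if it is exactly one "normal" path component:
/// non-empty, no separator, no NUL byte, and neither "." nor "..".
pub fn is_safe_username(username: &str) -> bool {
    if username.is_empty() || username.contains('/') || username.contains('\0') {
        return false;
    }
    let mut comps = Path::new(username).components();
    matches!((comps.next(), comps.next()), (Some(Component::Normal(_)), None))
}

/// Hardened construction: validate the name, join it, then confirm the result
/// is a direct child of `base`. Returns None for anything suspicious.
pub fn safe_user_path(base: &str, username: &str) -> Option<PathBuf> {
    if !is_safe_username(username) {
        return None;
    }
    let p = Path::new(base).join(username);
    if p.parent() == Some(Path::new(base)) {
        Some(p)
    } else {
        None
    }
}

fn main() {
    // Constructed inputs for the demonstration.
    let base = "/var/lib/app/users";
    for name in ["alice", "../../../../etc/cron.d/evil", "..", ".", "a/b"] {
        let naive = naive_user_path(base, name);
        println!(
            "{:?}: naive={:?} stays_under_base={} safe={:?}",
            name,
            naive,
            stays_under_base(base, &naive),
            safe_user_path(base, name)
        );
    }
}
```

The check is deliberately lexical and strict (one Normal component, nothing else); accepting "anything without a leading slash" would still admit ".." segments, which is exactly the shape the advisory warns about.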
SUSE CVE-2007-4652
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink...
PT-2023-10615 · Unknown · Red Snapper Nview
Vulnerable software and affected versions: Red Snapper NView (affected versions not specified). Description: A critical vulnerability has been found in Red Snapper NView. This issue affects the mutate function of the file src/Session.php. The manipulation of the session argument leads to...
in vim/vim
Description A heap-based OOB read of size 4 occurs when a user tries to open a vim session file specified below. This happens regardless of any command line options that could be specified to restrict vim, such as -Z and -m. This bug has been found on default vim build latest commit hash...
in vim/vim
Description A heap-based OOB read of size 1 occurs when a user tries to open a vim session file specified below. This happens regardless of any command line options that could be specified to restrict vim, such as -Z and -m. This bug has been found on default vim build latest commit hash...
in vim/vim
Description A heap-based OOB read of size 1 occurs when a user tries to open a vim session file specified below. This happens regardless of any command line options that could be specified to restrict vim, such as -Z and -m. This bug has been found on default vim build version 8.2.3931, commit hash...
Exploit for Session Fixation in Gogs
CVE-2018-18925 Exploitation of CVE-2018-18925 a Remote Code Ex...