12 matches found
EUVD-2022-36219
Malicious code in bioql PyPI...
CVE-2019-12746
An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...
Micro Focus GroupWise Session ID Disclosure
Trovent Security Advisory 2203-01 Micro Focus GroupWise transmits session ID in URL Overview Advisory ID: TRSA-2203-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2203-01 Affected product: Micro Focus GroupWise Affected version: prior to 18.4.2...
CVE-2019-12746
An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...
Design/Logic Flaw
An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...
CVE-2019-12746
An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...
CVE-2017-1152
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293...
Active! mail 2003 session ID disclosure vulnerability
Overview Active! mail 2003 from TransWARE Co. contains a vulnerability in which session IDs may be disclosed. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which session IDs may be disclosed. Kenichi Maehashi of CIS RAT at Hosei...
CVE-2007-6470
phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies...
Apache Tomcat 6.0.13 - Insecure Cookie Handling Quote Delimiter Session ID Disclosure
Apache Tomcat 6.0.13 - Insecure Cookie Handling Quote Delimiter Session ID Disclosure source: https://www.securityfocus.com/bid/25316/info Apache Tomcat is prone to multiple information-disclosure vulnerabilities because it fails to adequately sanitize user-supplied data. Attackers can exploit...
[SA13437] Sun Java System Web Server / Application Server Session ID Disclosure
TITLE: Sun Java System Web Server / Application Server Session ID Disclosure SECUNIA ADVISORY ID: SA13437 VERIFY ADVISORY: http://secunia.com/advisories/13437/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Sun Java System Web Server Sun ONE/iPlanet...
Multiple Sun ONE bugs
Session ID disclosure, cross-site scripting...