Lucene search
+L

1678 matches found

Packet Storm
Packet Storm
added 2026/03/18 12:0 a.m.141 views

📄 FreePBX Filestore Command Injection

This script targets a potential remote command execution vector in the FreePBX Filestore module by leveraging a valid PHP session cookie PHPSESSID to access administrative AJAX endpoints. The exploit attempts to abuse the testconnection function within the filestore module to inject and execute...

8.6CVSS6.4AI score0.84618EPSS
Exploits4
OSV
OSV
added 2026/03/17 7:52 p.m.7 views

GHSA-QC3P-398R-P59J AVideo affected by Session Hijacking via Unauthenticated Session ID Disclosure with Permissive CORS

Summary /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials: true, enabling cross-origin session theft and full account...

8.1CVSS5.9AI score0.00345EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/03/17 7:52 p.m.8 views

AVideo affected by Session Hijacking via Unauthenticated Session ID Disclosure with Permissive CORS

Summary /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials: true, enabling cross-origin session theft and full account...

8.1CVSS5.9AI score0.00345EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.9 views

PT-2026-26000

Summary /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials: true, enabling cross-origin session theft and full account...

8.1CVSS5.9AI score0.00345EPSS
Exploits1References9
NVD
NVD
added 2026/03/11 6:16 p.m.6 views

CVE-2026-31975

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...

9.8CVSS0.03433EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/11 5:27 p.m.33 views

CVE-2026-31975 Cloud CLI WebSocket shell injection

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...

8.7CVSS0.03433EPSS
Exploits1References3
OSV
OSV
added 2026/03/11 5:27 p.m.7 views

CVE-2026-31975 Cloud CLI WebSocket shell injection

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into...

8.7CVSS5.9AI score0.03433EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/07 3:30 a.m.7 views

EUVD-2026-10094

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint that allows remote attackers to hijack authenticated sessions. Attackers can predict session identifiers using insufficiently random cook...

8.6CVSS5.8AI score0.00495EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.14 views

PT-2026-23783

Name of the Vulnerable Software and Affected Versions XikeStor SKS8310-8X Network Switch firmware versions prior to 1.04.B07 Description The XikeStor SKS8310-8X Network Switch firmware contains a flaw related to session identifiers. A remote attacker can hijack authenticated sessions by predictin...

9.8CVSS5.8AI score0.00495EPSS
Exploits0References9
EUVD
EUVD
added 2026/03/05 9:59 p.m.5 views

EUVD-2026-9928

OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can exploit path traversal sequences like ../../etc/passwd in sessionId or sessionFile parameters to...

8.4CVSS6AI score0.00136EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.33 views

CVE-2026-28482 OpenClaw < 2026.2.12 - Path Traversal via Unsanitized sessionId and sessionFile Parameters

OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can exploit path traversal sequences like ../../etc/passwd in sessionId or sessionFile parameters to...

8.4CVSS0.00136EPSS
Exploits0References4
OSV
OSV
added 2026/03/05 9:59 p.m.5 views

CVE-2026-28482 OpenClaw < 2026.2.12 - Path Traversal via Unsanitized sessionId and sessionFile Parameters

OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can exploit path traversal sequences like ../../etc/passwd in sessionId or sessionFile parameters to...

8.4CVSS7.1AI score0.00136EPSS
Exploits0References6
CVE
CVE
added 2026/03/05 9:59 p.m.19 views

CVE-2026-28482

CVE-2026-28482 – OpenClaw : OpenClaw versions prior to 2026.2.12 are vulnerable to path traversal in transcript file paths constructed from unsanitized sessionId parameters and sessionFile paths, allowing an authenticated attacker to read or write files outside the agent sessions directory (e.g.,...

8.4CVSS6AI score0.00136EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/05 2:3 p.m.3 views

SUSE CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.8AI score0.00583EPSS
Exploits0References3
NVD
NVD
added 2026/03/05 2:16 a.m.6 views

CVE-2025-40926

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

9.8CVSS0.00433EPSS
Exploits0References6
NVD
NVD
added 2026/03/05 2:16 a.m.8 views

CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS0.00583EPSS
Exploits0References10
OSV
OSV
added 2026/03/05 2:16 a.m.3 views

CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.7AI score
Exploits0References5
OSV
OSV
added 2026/03/05 2:16 a.m.6 views

UBUNTU-CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.8AI score0.00583EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/05 1:41 a.m.5 views

CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.8AI score0.00583EPSS
Exploits0References10
CVE
CVE
added 2026/03/05 1:41 a.m.39 views

CVE-2025-40931

Apache::Session::Generate::MD5 (versions through 1.94 for Perl) creates insecure session IDs. The default generator returns a MD5 hash seeded with the built-in rand(), the epoch time, and the PID; the PID comes from a small set, and the epoch time may be guessed if not leaked. Built-in rand() is ...

9.1CVSS5.8AI score0.00583EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder