Lucene search
K

193 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2015/07/14 12:0 a.m.34 views

DOS by filling session store

The session backends created a new empty record in the session storage anytime request.session was accessed and there was a session key provided in the request cookies that didn't already have a session record. This could allow an attacker to easily create many new session records simply by sendi...

7.8CVSS6.1AI score0.07266EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.37 views

Debian DSA-3305-1 : python-django - security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework : - CVE-2015-5143 Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided...

7.8CVSS7.5AI score0.07266EPSS
Exploits0References7
Debian
Debian
added 2015/07/08 10:14 p.m.94 views

[SECURITY] [DSA 3305-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3305-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini July 08, 2015 https://www.debian.org/security/faq -...

7.8CVSS6.5AI score0.07266EPSS
Exploits0
OSV
OSV
added 2015/07/08 12:0 a.m.26 views

DSA-3305-1 python-django - security update

Bulletin has no description...

7.8CVSS7.9AI score0.07266EPSS
Exploits0
seebug.org
seebug.org
added 2015/03/08 12:0 a.m.48 views

ThinkPHP一处过滤不当造成SQL注入漏洞

简要描述: 内核中某个模块开发的太粗糙啦。 详细说明: 问题出现在session,Thinkphp支持更换session handle。 handle中包括Db和Memcache,如下配置即可使用数据库作为session的存储器: 设置了选项后,在数据库里插入这个表(前缀think可以自己定义): / 数据库方式Session驱动 CREATE TABLE thinksession sessionid varchar255 NOT NULL, sessionexpire int11 NOT NULL, sessiondata blob, UNIQUE KEY sessionid...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2014/06/09 2:55 p.m.5 views

ovirt-engine-api: session ID stored in HTML5 local storage

The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 local storage, which allows remote attackers to obtain sensitive information via a crafted web page...

4.3CVSS5.9AI score0.01334EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2013/09/25 3:6 p.m.12 views

Some Versions of Ruby on Rails Could Expose Cookies

Versions 2.0 to 4.0 of the popular open source Web framework Ruby on Rails are vulnerable to a Web security issue involving cookies that could make it much easier for someone to log in to an app as another user. According to security researcher G.S. McNamara, Ruby on Rails’ defacto session storin...

1AI score
Exploits0References4
Kitploit
Kitploit
added 2013/08/14 5:16 a.m.23 views

[The Burp SessionAuth] Extension for Detection of Possible Privilege escalation vulnerabilities

Normally a web application should identify a logged in user by data which is stored on the server side in some kind of session storage. However, in web application audits someone can often observe that internal user identifiers are transmitted in HTTP requests as parameters or cookies. Applicatio...

7.3AI score
Exploits0References1
NVD
NVD
added 2011/10/19 10:55 a.m.24 views

CVE-2011-4136

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...

5.8CVSS6.3AI score0.02284EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2011/03/18 4:0 p.m.34 views

CVE-2011-1433

The 1 AgentInterface and 2 CustomerInterface components in Open Ticket Request System OTRS before 3.0.6 place cleartext credentials into the session data in the database, which makes it easier for context-dependent attackers to obtain sensitive information by reading the UserLogin and UserPW fiel...

5CVSS6AI score0.01467EPSS
Exploits0
Prion
Prion
added 2011/01/10 8:0 p.m.17 views

Code injection

Piwik before 1.1 does not properly limit the number of files stored under tmp/sessions/, which might allow remote attackers to cause a denial of service inode consumption by establishing many sessions...

5CVSS7AI score0.01653EPSS
Exploits0References6Affected Software1
rdot
rdot
added 2010/07/06 12:0 a.m.25 views

Новый метод атаки через Reverse-IP

Новый метод атаки через reverse-ip Хоть статья и 2009 года, но до сих пор актуальна. 0. INTRO Вобщем не буду делать большое вступление. Недавно имело место хекать сайт. Шел был успешно залит на соседний, но вот беда на сервере грамотно выставленны права. Пришлось включать голову и думать. И в...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2007/03/17 12:0 a.m.33 views

MOPB-23-2007:PHP 5 Rejected Session Identifier Double Free Vulnerability

Summary Internal session storage modules can reject session identifiers since PHP 5.2.0 when they contain for example characters consideres malicious. When the session extension gets notified that the session id is invalid, it fails to clear an already freed pointer to the invalid session...

0.9AI score
Exploits0
Rows per page
Query Builder