247 matches found
Grindr v2.1.1 iOS - (eMail) Session Vulnerability
Document Title: =============== Grindr v2.1.1 iOS - eMail Session Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1426 Release Date: ============= 2015-05-03 Vulnerability Laboratory ID VL-ID: ==================================== 1426 Commo...
Session fixation
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for...
CVE-2014-3352
Cisco Intelligent Automation for Cloud aka Cisco Cloud Portal 2008.3SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID...
Multiple Vendor TCP Session Acknowledgement Number Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13215/info Multiple Vendor TCP/IP stack implementations are reported prone to a denial of service vulnerability. A report indicates that the vulnerability manifests when an erroneous TCP acknowledgement number is...
CVE-2013-5413
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation...
Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities
Title: ====== Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=833 VL-ID: ===== 833 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...
PHP global variables with the SESSION vulnerability, global and session-vulnerability warning-the black bar safety net
The first to see this a simple piece of code ? php sessionstart;$SESSION'isadmin'='yes';$isadmin='no';echo $SESSION'isadmin';?& gt; When php. ini in the configuration registerglobals = Off, Without any problems, Output yes but When php. ini in the configuration registerglobals = On time, First ru...
maccms chicken-upload vulnerability and a fix-vulnerability warning-the black bar safety net
A small program, inadvertently see by the way it looked under ./ admin/editor/upload.php requireonce "../adminconn.php"; $action=be"get","action"; $ftypes=array'jpg','gif','bmp','png',". jpeg"; $upfileDir= "../". $SESSION"upfolder" . the "/" . getSavePicPath . "/"; $maxSize=1 0 0 0; if!...
CVE-2011-4136
django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...
Fedora Update for dbus FEDORA-2010-19166
Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2010-19166 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Session fixation
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a 1 telnet, 2 rlogin, or 3 FTP session...
CVE-2009-4236
The process function in data/class/pages/admin/customer/LCPageAdminCustomerSearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information customer data via unknown vectors related to sessions...
CVE-2009-1629
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to 1 hijack a session or 2 cause a denial of service session ID exhaustion via a brute-force attack...
HIOX Browser Statistics 2.0 - Arbitrary Add Admin
HIOX Browser Statistics 2.0 - Arbitrary Add Admin "; fclose$file; $creat = "false"; echo "New User Created Please Wait You will be Redirected to Login Page "; else echo "Enter correct Username or Password "; if$creat == "true" ? table align=center valign=center bgcolo...
Movable Type session management vulnerability
Overview Movable Type, a web log system from Six Apart KK, contains a vulnerability which could allow a remote attacker to gain illegal access. Impact A remote attacker could freely manipulate a web log by posting or deleting blog entries. Solution None...
PHP 4.4.55.2.1 - _SESSION Deserialization Overwrite
PHP 4.4.55.2.1 - SESSION Deserialization Overwrite ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the...
CVE-2006-7014
admin.php in BloggIT 1.01 and earlier does not properly establish a user session, which allows remote attackers to gain privileges via a direct request...
CVE-2006-3016
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting XSS, and HTTP response splitting...
CVE-2006-2711
CVE-2006-2711 affects Secure Elements Class 5 AVR (C5 EVM) version 2.8.1 and earlier (and possibly later 2.8.x), where the same initialization vector (IV) and key are reused for each message session. This is the underlying root cause stated in the CVE description, enabling remote attackers over a...
CVE-2004-0755
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions...