34 matches found
Easy File Sharing Web Server SESSIONID Cookie Handling Buffer Overflow
Added: 05/29/2014 CVE: CVE-2014-3791 BID: 67406 OSVDB: 106965 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is...
Easy File Sharing Web Server SESSIONID Cookie Handling Buffer Overflow
Added: 05/29/2014 CVE: CVE-2014-3791 BID: 67406 OSVDB: 106965 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is...
Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow
!/usr/bin/perl -w Exploit Title: WatchGuard Firewall XTM version 11.7.4u1 - Remote buffer overflow exploit sessionid cookie Date: Oct 18 2013 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage: http://www.watchguard.com Version: = 11.7.4u1 Tested on: XTMv CVE :...
Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow
Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow !/usr/bin/perl -w Exploit Title: WatchGuard Firewall XTM version 11.7.4u1 - Remote buffer overflow exploit sessionid cookie Date: Oct 18 2013 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage:...
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie...
The csrf token cookie should be a 'secure' cookie like the sessionid cookie
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46613. panel That is that csrf token cookie 'csrftoken' should have the 'secure' attribute like the session cookie. In django 1....
CVE-2012-2144
Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...
CVE-2012-2144
CVE-2012-2144 : Session fixation in OpenStack Horizon (folsom-1 and 2012.1) allows remote attackers to hijack web sessions via the sessionid cookie. Vulnerable component: Horizon UI. Impact: session hijacking via cookie manipulation. Root cause: session fixation through sessionid handling as desc...
CVE-2012-2144
Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...
CVE-2010-2270
Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...
CVE-2010-2270
Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...
CVE-2002-1058
Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. dot dot sequences in the sessionId cookie that point to an alternate session file...
CVE-2002-1058
Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. dot dot sequences in the sessionId cookie that point to an alternate session file...
CVE-2002-1058
CVE-2002-1058 is a directory traversal vulnerability in splashAdmin.php of Cobalt Qube 3.0. The root cause is use of .. sequences in the sessionId cookie that can reference an alternate session file, allowing local users and remote attackers to gain privileges as the Qube Admin. The vulnerability...