Lucene search
K

34 matches found

Saint
Saint
added 2014/05/29 12:0 a.m.28 views

Easy File Sharing Web Server SESSIONID Cookie Handling Buffer Overflow

Added: 05/29/2014 CVE: CVE-2014-3791 BID: 67406 OSVDB: 106965 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is...

10CVSS10AI score0.76198EPSS
Exploits6
Saint
Saint
added 2014/05/29 12:0 a.m.35 views

Easy File Sharing Web Server SESSIONID Cookie Handling Buffer Overflow

Added: 05/29/2014 CVE: CVE-2014-3791 BID: 67406 OSVDB: 106965 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is...

10CVSS10AI score0.76198EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/10/29 12:0 a.m.62 views

Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow

!/usr/bin/perl -w Exploit Title: WatchGuard Firewall XTM version 11.7.4u1 - Remote buffer overflow exploit sessionid cookie Date: Oct 18 2013 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage: http://www.watchguard.com Version: = 11.7.4u1 Tested on: XTMv CVE :...

9.3CVSS6.9AI score0.12203EPSS
Exploits7
exploitpack
exploitpack
added 2013/10/29 12:0 a.m.81 views

Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow

Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow !/usr/bin/perl -w Exploit Title: WatchGuard Firewall XTM version 11.7.4u1 - Remote buffer overflow exploit sessionid cookie Date: Oct 18 2013 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage:...

9.3CVSS0.3AI score0.12203EPSS
Exploits7
NVD
NVD
added 2013/08/28 1:9 p.m.28 views

CVE-2013-3586

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie...

7.6CVSS7.1AI score0.11605EPSS
Exploits0References1
Atlassian
Atlassian
added 2012/07/27 7:41 a.m.20 views

The csrf token cookie should be a 'secure' cookie like the sessionid cookie

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46613. panel That is that csrf token cookie 'csrftoken' should have the 'secure' attribute like the session cookie. In django 1....

1.7AI score
Exploits0
OSV
OSV
added 2012/06/05 10:55 p.m.6 views

CVE-2012-2144

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

6.4AI score
Exploits0References11
CVE
CVE
added 2012/06/05 10:0 p.m.69 views

CVE-2012-2144

CVE-2012-2144 : Session fixation in OpenStack Horizon (folsom-1 and 2012.1) allows remote attackers to hijack web sessions via the sessionid cookie. Vulnerable component: Horizon UI. Impact: session hijacking via cookie manipulation. Root cause: session fixation through sessionid handling as desc...

6.8CVSS6.5AI score0.0211EPSS
Exploits1References10Affected Software1
Debian CVE
Debian CVE
added 2012/06/05 10:0 p.m.63 views

CVE-2012-2144

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

6.8CVSS6.4AI score0.0211EPSS
Exploits1
NVD
NVD
added 2010/06/15 2:30 p.m.16 views

CVE-2010-2270

Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...

7.5CVSS6.6AI score0.0141EPSS
Exploits1References2
Cvelist
Cvelist
added 2010/06/14 7:0 p.m.25 views

CVE-2010-2270

Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...

6.6AI score0.0141EPSS
Exploits1References2
NVD
NVD
added 2002/10/04 4:0 a.m.12 views

CVE-2002-1058

Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. dot dot sequences in the sessionId cookie that point to an alternate session file...

10CVSS6.8AI score0.04369EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.20 views

CVE-2002-1058

Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. dot dot sequences in the sessionId cookie that point to an alternate session file...

6.8AI score0.04369EPSS
Exploits1References3
CVE
CVE
added 2002/08/31 4:0 a.m.44 views

CVE-2002-1058

CVE-2002-1058 is a directory traversal vulnerability in splashAdmin.php of Cobalt Qube 3.0. The root cause is use of .. sequences in the sessionId cookie that can reference an alternate session file, allowing local users and remote attackers to gain privileges as the Qube Admin. The vulnerability...

10CVSS7.2AI score0.04369EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder