CVE-2024-55876

XWiki Platform is a generic wiki platform. Starting in version 1.2-milestone-2 and prior to versions 15.10.9 and 16.3.0, any user with an account on the main wiki could run scheduling operations on subwikis. To reproduce, as a user on the main wiki without any special right, view the document...

Error: "The domain/user does not have access to the farm" when Accessing the Management Console

Administrator account is not able to access the management console and it generates error, "the domain/user does not have access to the farm"...

CVE-2022-44017

An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session management, an attacker can log back into a victim's account after the victim logged out - /LMS/LM/main can be used for this. This is due to the credentials not being cleaned from the local storage after...

PT-2022-21204 · Wwbn · Avideo

Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 11.6 WWBN AVideo dev master commit 3f7c0364 Description: An issue exists in the login functionality due to an improper password check. This allows an attacker with a user's password hash to directly log into the account,...

Pi-hole Session Fixation Vulnerability

Pi-hole is a multi-platform, network-wide ad-blocking tool. A session fixation vulnerability exists in Pi-hole 5.0, 5.1, 5.1.1. The vulnerability stems from the application failing to generate a new session cookie after a user logs in.An attacker can exploit this vulnerability to gain access to...