9 matches found
CVE-2023-49262
The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session...
EUVD-2025-24210
Malicious code in bioql PyPI...
EUVD-2023-53264
Malicious code in bioql PyPI...
CVE-2025-42945
SAP NetWeaver Application Server ABAP has an HTML injection vulnerability. Due to this, an attacker could craft a URL with a malicious script as payload and trick a victim with an active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or it...
CVE-2023-49262 Buffer overflow vulnerability in Cookie authentication field
The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session...
CVE-2023-50707 Uncontrolled Resource Consumption in EFACEC BCU 500
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...
EFACEC BCU 500 Resource Management Error Vulnerability
The EFACEC BCU 500 is a programmable control system from EFACEC Portugal. The EFACEC BCU 500 suffers from a resource management error vulnerability that originates from the fact that by exploiting an active user session, an attacker can send a custom request to cause a denial of service on the...
CVE-2001-1513
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' slash, as demonstrated using ctx...
CVE-2001-1513
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' slash, as demonstrated using ctx...