CVE-2024-35049

SurveyKing v1.3.1 was discovered to keep users' sessions active after logout. Related to an incomplete fix for CVE-2022-25590...

CVE-2023-50707

Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...

CVE-2023-50707

Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...

CVE-2023-50707

CVE-2023-50707 affects EFACEC BCU 500 (EC/automation control IED). The vulnerability enables uncontrolled resource consumption (DoS) by exploiting active user sessions to send custom requests, leading to device denial of service (impact as described in Red Hat/CISA/EFACEC advisories). Affected pr...

PT-2023-31613 · Efacec · Bcu 500 +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows an attacker to send custom requests to cause a denial-of-service condition on the device through the exploitation of active user...

How to View Active Users Sessions Connected to Specific Citrix Gateway vServers

This article helps you identify active user sessions connected to Citrix Gateway vServers. This solution will work on allCitrix Gateway firmware versions...

New Relic: All Active user sessions should be destroyed when user change his password!

hello security, There is an user sessions issue on your application that should be fixed. Proof of Concept Suppose, you have an account on newrelic.com Somehow an attacker manage to get your password and logged in your account.. after knowing that your ID has been compromised what you'll do ? i...