
10 matches found

Positive Technologies
added 2026/04/18 12:0 a.m. | 6 views

PT-2026-37128

Summary: Nhost automatically links an incoming OAuth identity to an existing Nhost account when the email addresses match. This is only safe when the email has been verified by the OAuth provider. Nhost's controller trusts a profile.EmailVerified boolean that is set by each provider adapter. The...

CVSS 9.3 | AI score 5.7 | EPSS 0.00019
Exploits: 1 | References: 7
OSV
added 2025/12/31 7:15 p.m. | 2 views

CVE-2025-34467

ZwiiCMS versions prior to 13.7.00 contain a denial-of-service vulnerability in multiple administrative endpoints due to improper authorization checks combined with flawed resource state management. When an authenticated low-privilege user requests an administrative page, the application returns...

CVSS 4.3 | AI score 5.5
Exploits: 0 | References: 3
RedhatCVE
added 2025/05/22 12:38 p.m. | 6 views

CVE-2010-5080

The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HT...

CVSS 6.8 | AI score 7 | EPSS 0.00658
Exploits: 0 | References: 1
Vulnrichment
added 2025/03/20 10:10 a.m. | 3 views

CVE-2024-10819 CSRF to XSS in binary-husky/gpt_academic

A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into uploading files without their consent, exploiting their session. This can lead to unauthorized file uploads and potential system compromise. The uploaded file can...

CVSS 7.1 | AI score 6.7 | EPSS 0.00112
Exploits: 1 | References: 1
Tenable Nessus
added 2024/05/17 12:0 a.m. | 20 views

GitLab 11.9 < 15.9.6 / 15.10 < 15.10.5 / 15.11 < 15.11.1 (CVE-2023-1265)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The...

CVSS 5.4 | AI score 5.3 | EPSS 0.00211
Exploits: 0 | References: 4
Prion
added 2021/10/22 12:15 p.m. | 11 views

Authentication flaw

The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication...

CVSS 7.5 | AI score 9.5 | EPSS 0.00274
Exploits: 0 | References: 1 | Affected Software: 1
Hacker One
added 2020/06/07 4:13 a.m. | 11 views

Mail.ru: Blindy Replace User's Session with Attacker's Session

Login CSRF via OAuth code in lootdog.io...

AI score 4.3
Exploits: 0
Prion
added 2011/04/28 6:55 p.m. | 13 views

Design/Logic Flaw

IBM Rational Build Forge 7.1.0 uses the HTTP GET method during redirection from the authentication servlet to a PHP script, which makes it easier for context-dependent attackers to discover session IDs by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history...

CVSS 5 | AI score 7 | EPSS 0.00253
Exploits: 0 | References: 3 | Affected Software: 1
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m. | 4 views

Aipo session fixation vulnerability

Overview: Aipo, groupware from Aimluck, Inc., contains a session fixation vulnerability. Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-blogging. Aipo contains a session fixation vulnerability which may allow an attacker to impersonate a user when the user log...

CVSS 5.8 | AI score 6.7 | EPSS 0.00318
Exploits: 0 | References: 8
securityvulns
added 2005/01/22 12:0 a.m. | 34 views

[SECURITY] [DSA 649-1] New xtrlock packages fix authentication bypass

Debian Security Advisory DSA 649-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2005 http://www.debian.org/security/faq -...

CVSS 4.6 | AI score 0.4 | EPSS 0.0008
Exploits: 0