Lucene search
K

4 matches found

ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.4 views

PT-2026-29543

The login mechanism of Sage DPW 2025 06 004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 2021 06 000. On-premise administrators can toggle this behaviour in newer versions...

5.8AI score0.00142EPSS
Exploits0References3
osv
osv
added 2021/02/05 2:15 p.m.16 views

CVE-2021-3311

An issue was discovered in October through build 471. It reactivates an old session ID which had been invalid after a logout once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an...

9.8CVSS7AI score
Exploits0References3
nvd
nvd
added 2021/02/05 2:15 p.m.28 views

CVE-2021-3311

An issue was discovered in October through build 471. It reactivates an old session ID which had been invalid after a logout once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an...

9.8CVSS0.02903EPSS
Exploits1References3
cvelist
cvelist
added 2021/02/05 4:47 a.m.35 views

CVE-2021-3311

An issue was discovered in October through build 471. It reactivates an old session ID which had been invalid after a logout once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an...

9.8AI score0.02903EPSS
Exploits1References3
Rows per page
Query Builder