3 matches found
CVE-2025-47147
CVE-2025-47147 describes Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client for Android and iOS. The issue could allow an attacker with access to a logged-in operator’s mobile device to extract the session token and gain access for a limited duration. Affecte...
EUVD-2020-6184
Malware in sbrugna...
CVE-2020-14017
An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a brute-force approach to attempt to identify existing sessions, or view the...