CVE-2026-36829

An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing directory traversal and...

ReCrystallize Server 安全漏洞

ReCrystallize is a reporting software from ReCrystallize, Inc. A security vulnerability exists in ReCrystallize Server version 5.10.0.0 that stems from the use of an authorization mechanism that relies on a cookie value but does not bind the cookie value to a session ID, which can be exploited by...

CVE-2018-12666

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255...

Unspecified Security Bypass Vulnerability in Drupal JavaScript Callback Handler

Drupal is the Drupal community maintained by a set of free , open source content management system developed in PHP language . JavaScript Callback Handler is an efficient Ajax Callback module . An unspecified security bypass vulnerability exists in the Drupal JavaScript Callback Handler module. A...

Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass

No description provided by source...

Jamroom <= 3.3.8 Cookie Authentication Bypass Vulnerability and Multiple Unspecified Security Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30406/info Jamroom is prone to fourteen security vulnerabilities, including an authentication-bypass vulnerability that occurs because the application fails to verify user-supplied data. Very few technical details are...

Grestul 1.x - Cookie Authentication Bypass

Grestul 1.x - Cookie Authentication Bypass Grestul Sql Injection By Cookie bypass Autore: x0r Email: [email protected] Site: http://w00tz0ne.org Let's Go! \admin\login.php : $username = SafeAddSlashes$POST'username'; $passcode = SafeAddSlashesmd5$POST'passcode'; $time = time; $check =...

PhpAddEdit 1.3 - cookie Authentication Bypass

PhpAddEdit 1.3 - cookie Authentication Bypass ------------------------------------- PhpAddEdit 1.3 Login By Pass ------------------------------------- Found By: x0r Evolution Team Email: [email protected] ------------------------------------- Bug In: Addedit-login.php if !$loginerror // --- Se...

H2O-CMS 3.4 - PHP Code Injection Cookie Authentication Bypass

H2O-CMS 3.4 - PHP Code Injection Cookie Authentication Bypass source: https://www.securityfocus.com/bid/31961/info H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability. An attacker can exploit the PHP code-injection issue to inject and execute...

H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass

source: https://www.securityfocus.com/bid/31961/info H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability. An attacker can exploit the PHP code-injection issue to inject and execute arbitrary malicious PHP code in the context of the webserver...

Jamroom 3.3.8 - Cookie Authentication Bypass

Jamroom 3.3.8 - Cookie Authentication Bypass source: https://www.securityfocus.com/bid/30406/info Jamroom is prone to fourteen security vulnerabilities, including an authentication-bypass vulnerability that occurs because the application fails to verify user-supplied data. Very few technical...

phpBB < 2.0.13 Cookie Authentication Bypass

Binary data 2658.prm...

CVE-2005-0408

CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the idhash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating the MD5 checksum of the user name combined with the "boogaadeeboo" string, which is hard-coded in th...

Snitz Forums 2000 &lt; 3.4.0.3 - Multiple Vulnerabilities

Snitz Forums 2000 Multiple Vulnerabilities Vendor: Snitz Communications Product: Snitz Forums 2000 Version: alertdocument.cookie Cookie Authentication Bypass Vulnerability: In order to steal another users identity, all an attacker needs to know is thier encrypted password. This is not very hard t...