5 matches found
SUSE CVE-2001-0851
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie...
CVE-2020-8234
A vulnerability exists in The EdgeMax EdgeSwitch firmware v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection...
CVE-2018-16239
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses...
CVE-2018-16239
DamiCMS v6.0.1 is affected by a cookie-generation flaw where the application relies on PHP time() to create admin cookies, enabling an attacker to guess the admin session cookie within 10,800 attempts and achieve elevation of privileges. The issue is documented across multiple sources (CNVD-2019-...
CVE-2016-2564
Invision Power Services IPS Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation...