Company Website CMS 访问控制错误漏洞

Company Website CMS is a company website/CMS by Torrahclef Personal Developer. Company Website CMS suffers from an Access Control Error vulnerability that stems from incorrect access control in the file site-settings.php of the component Cookie Handler. An attacker could use this vulnerability to...

PT-2022-18184 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS affected versions not specified Description: A critical issue was found in the SourceCodester Company Website CMS, affecting some unknown functionality of the file site-settings.php of the component Cookie...

CVE-2017-20104

A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...

Sql injection

A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2017-20104 Simplessus Cookie Time sql injection

A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2016-15002

A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to initiate the attack remotely...

CVE-2016-15002 MONyog Ultimate Cookie privileges management

A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to initiate the attack remotely...

Remote Code Execution

Pippo is vulnerable to remote code execution attacks. A remote, unauthenticated attacker could create a malicious object, base64 encode it, and place it in the PIPPOSESSION field of a cookie to exploit the flawed Cookie Handler component causing denial of service conditions. Affected by this issu...