CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

148 matches found

OSV•added 2024/05/17 12:15 p.m.•3 views

CVE-2024-5044

A vulnerability was found in Emlog Pro 2.3.4. It has been classified as problematic. This affects an unknown part of the component Cookie Handler. The manipulation of the argument AuthCookie leads to improper authentication. It is possible to initiate the attack remotely. The complexity of an...

8.1CVSS6.6AI score

Exploits0References4

NVD•added 2024/05/17 12:15 p.m.•9 views

CVE-2024-5044

8.1CVSS4.2AI score0.00187EPSS

Exploits1References4

Vulnrichment•added 2024/05/17 11:31 a.m.•12 views

CVE-2024-5044 Emlog Pro Cookie improper authentication

6.3CVSS6.7AI score0.00187EPSS

Exploits1References4

Cvelist•added 2024/05/17 11:31 a.m.•15 views

CVE-2024-5044 Emlog Pro Cookie improper authentication

6.3CVSS4.2AI score0.00187EPSS

Exploits1References4

CVE•added 2024/05/17 11:31 a.m.•73 views

CVE-2024-5044

CVE-2024-5044 affects Emlog Pro 2.3.4. The vulnerability lies in the Cookie Handler’s AuthCookie parameter, causing improper authentication. Attackers can exploit remotely with high attack complexity, and exploitation is considered possible and publicly disclosed (VDB-264741). No remediation deta...

8.1CVSS6.6AI score0.00187EPSS

Exploits1References4Affected Software1

CNNVD•added 2024/05/17 12:0 a.m.•2 views

Emlog Pro 授权问题漏洞

emlog is a PHP and MySQL based CMS builder for emlog personal developers. An authorization issue vulnerability exists in Emlog Pro version 2.3.4, which stems from incorrect authentication of the parameter AuthCookie of the component Cookie Handler. An attacker can exploit this vulnerability to...

8.1CVSS6.9AI score0.00187EPSS

Exploits1References5

OSV•added 2024/03/22 8:15 a.m.•1 views

CVE-2024-2815

A vulnerability classified as critical has been found in Tenda AC15 15.03.20multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to laun...

9.8CVSS6.2AI score

Exploits0References3

NVD•added 2024/03/22 8:15 a.m.•10 views

CVE-2024-2815

9.8CVSS9.3AI score0.00325EPSS

Exploits1References3

OSV•added 2024/02/23 2:15 p.m.•2 views

CVE-2024-1817

A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Affected by this vulnerability is the function dmlogin of the file indexDMload.php of the component Cookie Handler. The manipulation of the argument isadmin with the input y...

9.8CVSS5.3AI score0.00061EPSS

Exploits0References3

NVD•added 2024/02/23 2:15 p.m.•13 views

CVE-2024-1817

9.8CVSS7.3AI score0.00061EPSS

Exploits0References3

Prion•added 2024/02/23 2:15 p.m.•16 views

Authentication flaw

7.5CVSS7AI score0.00061EPSS

Exploits0References3

Vulnrichment•added 2024/02/23 2:0 p.m.•18 views

CVE-2024-1817 Demososo DM Enterprise Website Building System Cookie indexDM_load.php dmlogin improper authentication

7.5CVSS6.8AI score0.00061EPSS

Exploits0References3

CNNVD•added 2024/02/23 12:0 a.m.•2 views

Demososo DM Enterprise Website Building System License Issues Vulnerability

Demososo DM Enterprise Website Building System is a system website of Demososo Inc. An authorization issue vulnerability exists in Demososo DM Enterprise Website Building System version 2022.8 and earlier, which stems from a security issue in the dmlogin function of indexDMload.php in the compone...

9.8CVSS6.7AI score0.00061EPSS

Exploits0References4

Positive Technologies•added 2024/02/23 12:0 a.m.•2 views

PT-2024-18332 · Demososo · Demososo Dm Enterprise Website Building System

Name of the Vulnerable Software and Affected Versions: Demososo DM Enterprise Website Building System versions up to 2022.8 Description: A critical issue has been found, affecting the function dmlogin of the file indexDM load.php in the Cookie Handler component. The manipulation of the argument i...

9.8CVSS7AI score0.00061EPSS

Exploits0References6

OSV•added 2024/01/29 4:15 p.m.•1 views

CVE-2024-1006

A vulnerability was found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. This issue affects some unknown processing of the file application/index/common.php of the component Cookie Handler. The manipulation of the argument NodUserId/NodUserToken leads to improper...

5.3CVSS5.4AI score0.00072EPSS

Exploits0References3

Prion•added 2024/01/29 4:15 p.m.•15 views

Authentication flaw

7.5CVSS7AI score0.00072EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2024/01/29 3:31 p.m.•4 views

CVE-2024-1006 Shanxi Diankeyun Technology NODERP Cookie common.php improper authentication

7.5CVSS7.3AI score0.00072EPSS

Exploits0References3

Cvelist•added 2024/01/29 3:31 p.m.•17 views

CVE-2024-1006 Shanxi Diankeyun Technology NODERP Cookie common.php improper authentication

7.5CVSS7.5AI score0.00072EPSS

Exploits0References3

CNNVD•added 2024/01/29 12:0 a.m.•1 views

Shanxi Diankeyun Technology NODERP Authorization Issue Vulnerability

Shanxi Diankeyun Technology NODERP is an ERP system from Shanxi Diankeyun Technology. An authorization issue vulnerability exists in Shanxi Diankeyun Technology NODERP version 6.0.2, which stems from the possibility that the parameter NodUserId/NodUserToken in the file application/index/common.ph...

7.5CVSS6.9AI score0.00072EPSS

Exploits0References4

OSV•added 2023/10/28 10:15 p.m.•1 views

CVE-2023-5837

A vulnerability classified as problematic was found in AlexanderLivanov FotosCMS2 up to 2.4.3. This vulnerability affects unknown code of the file profile.php of the component Cookie Handler. The manipulation of the argument username leads to cross site scripting. The attack can be initiated...

6.1CVSS3.6AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by