CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

147 matches found

Cvelist•added 2023/10/28 9:31 p.m.•10 views

CVE-2023-5837 AlexanderLivanov FotosCMS2 Cookie profile.php cross site scripting

A vulnerability classified as problematic was found in AlexanderLivanov FotosCMS2 up to 2.4.3. This vulnerability affects unknown code of the file profile.php of the component Cookie Handler. The manipulation of the argument username leads to cross site scripting. The attack can be initiated...

4CVSS6.3AI score0.00064EPSS

Exploits1References3

Positive Technologies•added 2023/10/28 12:0 a.m.•3 views

PT-2023-32369 · Alexanderlivanov · Fotoscms2

Name of the Vulnerable Software and Affected Versions: AlexanderLivanov FotosCMS2 versions up to 2.4.3 Description: A problematic vulnerability was found in the Cookie Handler component of the file profile.php, where the manipulation of the username argument leads to cross-site scripting. The...

6.1CVSS6.9AI score0.00064EPSS

Exploits1References6

OSV•added 2023/10/02 12:15 a.m.•2 views

CVE-2023-5328

A vulnerability classified as critical has been found in SATO CL4NX-J Plus 1.13.2-u455r2. This affects an unknown part of the component Cookie Handler. The manipulation with the input auth=user,level1,settings; web=true leads to improper authentication. Access to the local network is required for...

8.8CVSS5.2AI score0.00056EPSS

Exploits0References3

NVD•added 2023/10/02 12:15 a.m.•14 views

CVE-2023-5328

8.8CVSS7AI score0.00056EPSS

Exploits0References3

Prion•added 2023/10/02 12:15 a.m.•17 views

Authentication flaw

5.8CVSS8.6AI score0.00056EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/10/01 11:31 p.m.•12 views

CVE-2023-5328 SATO CL4NX-J Plus Cookie improper authentication

6.3CVSS6.8AI score0.00056EPSS

Exploits0References3

OSV•added 2023/08/17 3:15 a.m.•1 views

CVE-2023-4392

A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation leads to cleartext storage of sensitive information. The attack may be launched remotely. The complexity ...

5.3CVSS4.3AI score0.00065EPSS

Exploits1References3

Vulnrichment•added 2023/08/17 2:31 a.m.•15 views

CVE-2023-4392 Control iD Gerencia Web Cookie cleartext storage

3.7CVSS5.2AI score0.00065EPSS

Exploits1References3

CNNVD•added 2023/08/17 12:0 a.m.•2 views

Control iD Gerencia Web 安全漏洞

Control iD Gerencia Web is an application from Control iD. A security vulnerability exists in Control iD Gerencia Web version 1.30, which stems from an issue with the explicit storage of sensitive information in the component Cookie Handler...

5.3CVSS4.9AI score0.00065EPSS

Exploits1References4

OSV•added 2023/08/16 8:15 p.m.•1 views

CVE-2023-4384

A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of ...

5.9CVSS4.4AI score0.0005EPSS

Exploits1References3

NVD•added 2023/08/16 8:15 p.m.•9 views

CVE-2023-4384

5.9CVSS4.8AI score0.0005EPSS

Exploits1References3

Prion•added 2023/08/16 8:15 p.m.•17 views

Design/Logic Flaw

2.6CVSS5.8AI score0.0005EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/08/16 8:0 p.m.•12 views

CVE-2023-4384 MaximaTech Portal Executivo Cookie missing encryption

3.7CVSS6AI score0.0005EPSS

Exploits1References3

Positive Technologies•added 2023/08/16 12:0 a.m.•5 views

PT-2023-29010 · Maximatech · Maximatech Portal Executivo

Name of the Vulnerable Software and Affected Versions: MaximaTech Portal Executivo version 21.9.1.140 Description: A vulnerability has been found in the Cookie Handler component, leading to missing encryption of sensitive data. The attack can be initiated remotely, with a rather high complexity a...

5.9CVSS6.6AI score0.0005EPSS

Exploits1References8

Positive Technologies•added 2023/08/16 12:0 a.m.•4 views

PT-2023-29042 · Unknown · Control Id Gerencia Web

Name of the Vulnerable Software and Affected Versions: Control iD Gerencia Web version 1.30 Description: A vulnerability was found in the component Cookie Handler, leading to cleartext storage of sensitive information. The attack may be launched remotely, with a rather high complexity and difficu...

5.3CVSS6.8AI score0.00065EPSS

Exploits1References8

CNNVD•added 2023/08/16 12:0 a.m.•1 views

MaximaTech Portal Executivo 安全漏洞

MaximaTech Portal Executivo is a portal system from MaximaTech, Inc. A security vulnerability exists in MaximaTech Portal Executivo version 21.9.1.140, which stems from a sensitive information disclosure vulnerability in the component Cookie Handler...

5.9CVSS4.9AI score0.0005EPSS

Exploits1References4

OSV•added 2023/03/02 7:15 a.m.•1 views

CVE-2023-1151

A vulnerability was found in SourceCodester Electronic Medical Records System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file administrator.php of the component Cookie Handler. The manipulation of the argument userid leads to sql...

9.8CVSS6.5AI score

Exploits0References3

NVD•added 2023/03/02 7:15 a.m.•6 views

CVE-2023-1151

9.8CVSS7.4AI score0.00339EPSS

Exploits1References3

Prion•added 2023/03/02 7:15 a.m.•16 views

Sql injection

6.5CVSS9.7AI score0.00339EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/03/02 6:31 a.m.•12 views

CVE-2023-1151 SourceCodester Electronic Medical Records System Cookie administrator.php sql injection