Lucene search
K

5 matches found

Snyk
Snyk
added 2026/04/16 9:22 p.m.8 views

Use of Hard-coded Credentials

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Use of Hard-coded Credentials due to the use of a weak default value for the secret parameter in session management when the EXPRESSSESSIONSECRET environment variable is not set. An attacker can impersonate...

6.8CVSS5.5AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/31 10:58 p.m.7 views

CVE-2026-5130

The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wpdebugtroubleshootsimulateuser cookie value directly as a user ID without any cryptographic validation or...

8.8CVSS5.8AI score0.00422EPSS
Exploits0References1
NVD
NVD
added 2026/03/30 11:17 p.m.5 views

CVE-2026-5130

The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wpdebugtroubleshootsimulateuser cookie value directly as a user ID without any cryptographic validation or...

8.8CVSS0.00422EPSS
Exploits0References4
CVE
CVE
added 2025/11/06 4:37 p.m.12 views

CVE-2025-12485

CVE-2025-12485 affects Devolutions Server, with vulnerable cookie handling in pre-MFA flow. A low-privileged authenticated user can impersonate another account by replaying the pre-MFA cookie; MFA verification is not bypassed. Affected versions include Devolutions Server 2025.3.2.0–2025.3.5.0 and...

8.8CVSS6.3AI score0.0058EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:29 a.m.4 views

CVE-2024-57436

RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allow attackers to impersonate Admin users via using a crafted cookie...

7.2CVSS6.9AI score0.0062EPSS
Exploits1References1
Rows per page
Query Builder