104 matches found
CVE-2024-39275
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...
Express.js Cookie-Session Weak Secret Key
Express.js applications with Cookie-Session use an application key to encrypt and sign various data, including session cookies and other sensitive information. This key is typically stored in an environment variable and is used for multiple security-critical operations. When a weak or easily...
PT-2024-6551 · Advantech · Adam-5630
Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5630 affected versions not specified Description: The issue concerns the cookies of authenticated Advantech ADAM-5630 users, which remain active and valid even after a session is closed. This allows an unauthorized attacker to...
CVE-2024-4993
Summary: CVE-2024-4993 describes an XSS vulnerability in SiAdmin 1.1 triggered by the /show.php query parameter, which could allow a remote attacker to craft a URL that, when opened by an authenticated user, may lead to cookie session credential leakage. What’s affected: SiAdmin 1.1; vulnerabilit...
CVE-2024-4993 SQL injection vulnerability in SiAdmin
Vulnerability in SiAdmin 1.1 that allows XSS via the /show.php query parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and thereby steal their cookie session credentials...
Remote Code Execution (RCE)
laravel/framework is vulnerable to Remote Code Execution RCE. The vulnerability is caused by an encryption oracle exposed by applications using the "cookie" session driver, allowing attackers to craft Laravel session payloads by generating valid signed encryption strings for any plain-text string...
Laravel RCE vulnerability in "cookie" session driver
Applications using the "cookie" session driver that were also exposing an encryption oracle via their application were vulnerable to remote code execution. An encryption oracle is a mechanism where arbitrary user input is encrypted and the encrypted string is later displayed or exposed to the use...
GHSA-2FFV-R4R9-R8XR Laravel RCE vulnerability in "cookie" session driver
Application's using the "cookie" session driver were the primary applications affected by this vulnerability. Since we have not yet released a security release for the Laravel 5.5 version of the framework, we recommend that all applications running Laravel 5.5 and earlier do not use the "cookie"...
PT-2024-40434 · Laravel · Laravel
Name of the Vulnerable Software and Affected Versions: Laravel affected versions not specified Description: The issue concerns applications that use the "cookie" session driver and expose an encryption oracle, allowing for remote code execution. An encryption oracle is a mechanism where arbitrary...
OESA-2024-1191 mod_auth_openidc security update
This module enables an Apache 2.x web server to operate as an OpenID Connect Relying PartyRP to an OpenID Connect ProviderOP. Security Fixes: modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying...
TASKHUB-2.8.8 - XSS-Reflected
Title: TASKHUB-2.8.8-XSS-Reflected Author: nu11secur1ty Date: 09/22/2023 Vendor: https://codecanyon.net/user/infinitietech Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Reference: https://portswigger.net/web-security/cross-site-scripting Description: T...
CVE-2023-6144 Dev Blog v1.0 - ATO
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username...
CVE-2023-4592
A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...
CVE-2023-42769 Sielco Radio Link and Analog FM Transmitters Improper Access Control
The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter...
CVE-2023-42769 Sielco Radio Link and Analog FM Transmitters Improper Access Control
The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter...
CVE-2023-42769
CVE-2023-42769 affects Sielco Radio Link and Analog FM Transmitters. The issue is the cookie session ID length is insufficient, enabling brute-force to obtain a valid session, bypass authentication, and manipulate the transmitter. Affected products include multiple Sielco Analog FM Transmitters a...
PT-2023-28579 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The issue is related to the cookie session ID being of insufficient length, making it vulnerable to brute force attacks. This could allow a remote attacker to obtain a valid session, bypa...
Sielco Analog FM Transmitters Security Vulnerability
Sielco Analog FM Transmitters is an analog FM transmitter from Sielco. A security vulnerability exists in Sielco Analog FM Transmitters that stems from an insufficient cookie session ID length that can be brute-force broken, allowing a remote attacker to obtain a valid session and bypass...
Taskhub 2.8.8 Cross Site Scripting
Title: TASKHUB-2.8.8-XSS-Reflected Author: nu11secur1ty Date: 09/22/2023 Vendor: https://codecanyon.net/user/infinitietech Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Reference: https://portswigger.net/web-security/cross-site-scripting Description: T...
Cross-Site Request Forgery (CSRF)
@vendure/core is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists in the defaultConfig because the cookie-session middleware is set to false which in most browsers is interpreted as the secure lax option, but in old browsers gets interpreted as the least secure option, whic...