615 matches found

Nuclei
added 19 hours ago, 8 views

JS Help Desk <= 2.8.2 - SQL Injection

JS Help Desk WordPress plugin 2.8.2 contains a SQL injection caused by insufficient escaping and preparation of user-supplied values in the 'js-support-ticket-token-tkstatus' cookie, letting unauthenticated attackers extract sensitive database information; the exploit requires no authentication. id:...

CVSS 7.5, AI score 5.6, EPSS 0.26435
Exploits 0, References 2
RedhatCVE
added 2 days ago, 5 views

CVE-2026-7637

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOSTUSERLOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present i...

CVSS 9.8, AI score 5.9, EPSS 0.00148
Exploits 0, References 1
CVE
added 3 days ago, 7 views

CVE-2019-25728

Care2x 2.7 Hospital Information System is affected by SQL injection via the ck_config cookie parameter. The vulnerability allows unauthenticated attackers to inject arbitrary SQL through endpoints such as login.php, indexframe.php, and various module files, enabling extraction of sensitive databa...

CVSS 8.8, AI score 6.1, EPSS 0.00103
Exploits 0, References 2
Snyk
added 2026/05/29 10:07 p.m., 6 views

Insertion of Sensitive Information into Log File

Overview: admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the setCookie and start functions. An attacker can gain unauthorized access to...

CVSS 6.7, AI score 5.8
Exploits 0, References 2
VulnCheck KEV
added 2026/05/29 12:00 a.m., 71 views

VulnCheck KEV: CVE-2026-45247

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted...

CVSS 9.8, AI score 6.7, EPSS 0.06149
In wild; Exploits 0, References 3
ATTACKERKB
added 2026/05/26 2:15 p.m., 8 views

CVE-2026-45247

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted...

CVSS 9.8, AI score 6.7, EPSS 0.06149
Exploits 0, References 4
Positive Technologies
added 2026/05/24 12:00 a.m., 10 views

PT-2026-42973

Name of the Vulnerable Software and Affected Versions: SPIP versions prior to 4.4.15. Description: The 'action/cookie.php' endpoint in the 'ecrire' component is subject to an open redirect, which occurs when an application redirects users to an external site without sufficient validation of the...

CVSS 3.5, AI score 5.7, EPSS 0.00028
Exploits 0, References 4
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in zabbix

A bug in the code allows an attacker to create a forged zbxsession cookie, which enables them to log in with admin permissions...

CVSS 8.8, AI score 5.9, EPSS 0.00254
Exploits 0, References 2
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in php7.3

In PHP versions prior to 7.4.31, 8.0.24, and 8.1.11, this vulnerability allows network and same-site attackers to set an insecure cookie in the victim's browser. This cookie is treated as a `__Host-` or `__Secure-` cookie by PHP applications...

CVSS 6.5, AI score 6.8, EPSS 0.15416
Exploits 2, References 2
CNNVD
added 2026/05/20 12:00 a.m., 6 views

WordPress plugin Boost code issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

CVSS 9.8, AI score 6.1, EPSS 0.00148
Exploits 0, References 1
Snyk
added 2026/05/10 2:20 p.m., 4 views

User Impersonation

Overview: opencart/opencart is a shopping cart system. Affected versions of this package are vulnerable to User Impersonation via the OCSESSID cookie. An attacker can gain unauthorized access to user accounts by injecting arbitrary values into the session cookie, allowing session takeover...

CVSS 9.8, AI score 5.9, EPSS 0.00068
Exploits 0, References 2
CVE
added 2026/05/10 12:43 p.m., 8 views

CVE-2021-47923

OpenCart 3.0.3.8 is affected by a session fixation vulnerability that lets an attacker hijack user sessions by injecting values into the OCSESSID cookie, enabling session takeover and unauthorized access to user accounts. The provided documents describe the vulnerability and impact but do not inc...

CVSS 9.8, AI score 5.9, EPSS 0.00068
Exploits 0, References 3
Tenable Nessus
added 2026/05/07 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-7930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform privilege escalation via a...

CVSS 8.8, AI score 5.8, EPSS 0.00099
Exploits 0, References 2
Vulnrichment
added 2026/05/04 12:42 a.m., 5 views

CVE-2026-42365 GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can brute-force session cookies to trigger this vulnerability...

CVSS 8.6, AI score 5.8, EPSS 0.00082
Exploits 0, References 2
CVE
added 2026/05/04 12:42 a.m., 6 views

CVE-2026-42365

GeoVision LPC2011/LPC2211 Web Interface (version 1.10) exposes a session cookie vulnerability that allows authentication bypass through a crafted sequence of HTTP requests and brute-forcing session cookies. The CVE notes a network-based, low-complexity exposure with no user interaction ...

CVSS 8.6, AI score 5.8, EPSS 0.00082
Exploits 0, References 2, Affected Software 1
Packet Storm
added 2026/05/01 12:00 a.m., 80 views

cPanel / WHM Authentication Bypass / CRLF Injection

A critical authentication bypass vulnerability exists in the cPanel/WHM cpsrvd daemon due to improper neutralization of line delimiters (CRLF) in the whostmgrsession cookie and Authorization headers. An unauthenticated remote attacker can leverage this flaw to inject malicious session parameters...

CVSS 9.8, AI score 6.1, EPSS 0.90762
Exploits 61
NVD
added 2026/04/29 8:16 p.m., 2 views

CVE-2018-25316

Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...

CVSS 9.8, EPSS 0.00176
Exploits 1, References 2
EUVD
added 2026/04/29 7:24 p.m., 1 view

EUVD-2018-21838

Tenda W3002R/A302/W309R wireless routers version V5.07.64en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted...

CVSS 9.8, AI score 5.3, EPSS 0.00176
Exploits 1, References 2
Snyk
added 2026/04/24 4:18 p.m., 2 views

Sensitive Cookie Without "HttpOnly" Flag

Overview: @budibase/backend-core is the Budibase backend core library used in the server and worker. Affected versions of this package are vulnerable to Sensitive Cookie Without "HttpOnly" Flag via the set function in the cookie handling process. An attacker can gain unauthorized access to user account...

CVSS 8.4, AI score 5.5, EPSS 0.00036
Exploits 1, References 2
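Three of the entries above are about the attributes a server puts on a cookie rather than its contents: the Budibase entry (a session cookie set without HttpOnly), the php7.3 entry (a cookie that should only be honoured under the `__Host-`/`__Secure-` prefix rules) and the cPanel entry (CRLF in a cookie/header value). The following is an added example, not code from any of those projects: a small Set-Cookie auditor in Python that parses a header value the server is about to emit and reports the weak settings. The sample headers and the cookie name `sid` are constructed for the demo; the prefix rules it checks (`__Host-` requires Secure, Path=/ and no Domain; `__Secure-` requires Secure) are the browser-side rules, and a server that treats other names as if they were prefixed, as the PHP entry describes, is not something this check can see.

```python
# Constructed sample Set-Cookie values for the demo; none are taken from the advisories above.
SAMPLE_HEADERS = {
    "hardened": "__Host-sid=0a1b2c; Path=/; Secure; HttpOnly; SameSite=Lax",
    "no_httponly": "sid=0a1b2c; Path=/; Secure; SameSite=Lax",
    "bad_host_prefix": "__Host-sid=0a1b2c; Domain=example.com; Secure; HttpOnly; SameSite=Lax",
    # A value carrying CRLF: once emitted, the text after the line break becomes a second header.
    "crlf": "sid=0a1b2c\r\nSet-Cookie: role=admin; Path=/",
}


def parse_set_cookie(header: str):
    """Split 'name=value; Attr; Attr=val' into (name, value, {attr_lowercase: value_or_True})."""
    first, *rest = header.split(";")
    name, _, value = first.partition("=")
    attrs = {}
    for item in rest:
        item = item.strip()
        if not item:
            continue
        key, has_eq, val = item.partition("=")
        attrs[key.strip().lower()] = val.strip() if has_eq else True
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header: str, session_cookie: bool = True) -> list:
    """Return a list of findings for one Set-Cookie value; an empty list means nothing to report."""
    findings = []
    # Header injection: a raw CR or LF in the value lets the sender terminate the header early.
    if "\r" in header or "\n" in header:
        findings.append("CRLF in Set-Cookie (header/cookie injection)")
        header = header.replace("\r", "").replace("\n", "")
    name, _value, attrs = parse_set_cookie(header)
    # Browser-enforced prefix rules: a violating cookie is dropped by the browser entirely.
    if name.startswith("__Host-"):
        if "secure" not in attrs:
            findings.append("__Host- cookie without Secure")
        if "domain" in attrs:
            findings.append("__Host- cookie with Domain attribute")
        if attrs.get("path") != "/":
            findings.append("__Host- cookie without Path=/")
    elif name.startswith("__Secure-"):
        if "secure" not in attrs:
            findings.append("__Secure- cookie without Secure")
    # Attributes a session/auth cookie should always carry.
    if session_cookie:
        if "httponly" not in attrs:
            findings.append("session cookie without HttpOnly")
        if "secure" not in attrs:
            findings.append("session cookie without Secure")
        if "samesite" not in attrs:
            findings.append("session cookie without SameSite")
    return findings


def audit_samples() -> dict:
    """Run the auditor over the constructed samples; used as the demo's entry point."""
    return {label: audit_set_cookie(value) for label, value in SAMPLE_HEADERS.items()}


if __name__ == "__main__":
    for label, findings in audit_samples().items():
        print(f"{label}: {findings or 'ok'}")
```

The CRLF check is the one to run before the value reaches the response writer, because after emission the injected text is simply another header and nothing downstream can tell it apart from a legitimate one.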
EUVD
added 2026/04/22 9:31 p.m., 1 view

EUVD-2026-22844

The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handlereturntoadmin function trusting a client-controlled cookie oclauporiginaladmin to determine which user to authenticate as, without any server-side...

CVSS 8.8, AI score 5.8, EPSS 0.00054
Exploits 0, References 6