127 matches found
Cross-Site Request Forgery (CSRF) in neorazorx/facturascripts
✍️ Description Attacker able to change any role with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
✍️ Description Attacker able to Remove budgeted amount with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...
Cross-Site Request Forgery (CSRF) in admidio/admidio
✍️ Description Attacker able to delete any Announcements with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...
Cross-Site Request Forgery (CSRF) in admidio/admidio
✍️ Description Attacker able to delete any album of a user with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...
Cross-Site Request Forgery (CSRF) in aces/loris
✍️ Description Attacker able to delete any user with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in ampache/ampache
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Session fixation
SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within N-Central. To take...
CVE-2020-15909
SolarWinds N-central up to 2020.1 is described as vulnerable to session hijacking via the JSESSIONID cookie. The JSESSIONID attribute is not validated against multiple sources (e.g., source IP, MFA claims) while the victim remains logged in, allowing an attacker to steal the cookie and reuse it b...
CVE-2020-15574
SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893...
CVE-2020-15574
CVE-2020-15574 affects SolarWinds Serv-U File Server prior to 15.2.1. The root cause is mishandling of the Same-Site cookie attribute, leading to potential exposure of sensitive information via crafted requests. Multiple sources (NVD, Red Hat advisory, CNVD) confirm the same issue and reference t...
D-Link DGS-1250 Header Injection
D-Link DGS-1250 header injection vulnerability ============================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/d-link-dgs-1250-header-injection.txt Overview -------- D-Link DGS-1250 switch is susceptible to a header injection...
PT-2019-13856 · Red Hat · 3Scale
Name of the Vulnerable Software and Affected Versions: 3scale versions prior to 2.6 Description: A vulnerability was found that did not set the HTTPOnly attribute on the user session cookie, allowing an attacker to conduct cross-site scripting attacks and gain access to unauthorized information...
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ
It was found that Hawtio console does not set HTTPOnly or Secure attributes on cookies. An attacker could use this flaw to rerieve an authenticated user's SessionID, and possibly conduct further attacks with the permissions of the authenticated user...
CVE-2018-16958
Oracle WebCenter Interaction Portal 10.3.3 is affected. ASP.NET_SessionID cookie used with IIS/ASP.NET is not protected by HttpOnly, and customers cannot enable the attribute. This exposes the cookie to session hijacking if JavaScript runs in the portal origin. No explicit fix/mitigation is provi...
Information disclosure
IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...
FreeBSD : phpMyAdmin -- Multiple vulnerabilities (7721562b-e20a-11e6-b2e2-6805ca0b3d42)
The phpMyAdmin development team reports : Open redirect php-gettext code execution DOS vulnerability in table editing CSS injection in themes Cookie attribute injection attack SSRF in replication DOS in replication status %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
phpMyAdmin -- Multiple vulnerabilities
The phpMyAdmin development team reports: Open redirect php-gettext code execution DOS vulnerability in table editing CSS injection in themes Cookie attribute injection attack SSRF in replication DOS in replication status...
phpMyAdmin Injection Attack Vulnerability
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin 4.6.3...
CVE-2016-5702
phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHPSELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI...
Design/Logic Flaw
phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHPSELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI...