Lucene search
K

7 matches found

EUVD
EUVD
added 8 hours ago6 views

EUVD-2026-42312

Socket.IO enables bidirectional and low-latency communication for every platform. From 6.5.0 before 6.6.7, Engine.IO servers with WebTransport enabled can resolve a crafted session ID such as proto through an inherited property of the clients object during WebTransport upgrade handling, causing a...

7.5CVSS5.9AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-30808

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

8.1CVSS5.5AI score0.00267EPSS
Exploits0References1
OSV
OSV
added 2022/05/01 11:28 p.m.12 views

GHSA-76X8-GG39-5JJG CherryPy Malicious cookies allow access to files outside the session directory

Directory traversal vulnerability in the getfilepath function in 1 lib/sessions.py in CherryPy 3.0.x up to 3.0.2, 2 filter/sessionfilter.py in CherryPy 2.1, and 3 filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write...

8.7CVSS6.3AI score0.02647EPSS
Exploits1References21
OSV
OSV
added 2008/01/12 2:46 a.m.6 views

CVE-2008-0252

Directory traversal vulnerability in the getfilepath function in 1 lib/sessions.py in CherryPy 3.0.x up to 3.0.2, 2 filter/sessionfilter.py in CherryPy 2.1, and 3 filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write...

6.5AI score
Exploits0References20
Prion
Prion
added 2008/01/12 2:46 a.m.12 views

Directory traversal

Directory traversal vulnerability in the getfilepath function in 1 lib/sessions.py in CherryPy 3.0.x up to 3.0.2, 2 filter/sessionfilter.py in CherryPy 2.1, and 3 filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write...

7.5CVSS7.2AI score0.02647EPSS
Exploits1References18Affected Software1
Cvelist
Cvelist
added 2008/01/12 2:0 a.m.21 views

CVE-2008-0252

Directory traversal vulnerability in the getfilepath function in 1 lib/sessions.py in CherryPy 3.0.x up to 3.0.2, 2 filter/sessionfilter.py in CherryPy 2.1, and 3 filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write...

6.4AI score0.02647EPSS
Exploits1References18
Debian CVE
Debian CVE
added 2008/01/12 2:0 a.m.28 views

CVE-2008-0252

Directory traversal vulnerability in the getfilepath function in 1 lib/sessions.py in CherryPy 3.0.x up to 3.0.2, 2 filter/sessionfilter.py in CherryPy 2.1, and 3 filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write...

7.5CVSS6.4AI score0.02647EPSS
Exploits1
Rows per page
Query Builder