Lucene search
K

5 matches found

Circl
Circl
added 2026/02/27 11:35 p.m.4 views

CVE-2018-25160

creationtimestamp| type| source ---|---|--- 2026-02-27 23:35:46+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mfuut5hylf2w 2026-02-27 23:40:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfuv2vq2yv2u...

6.5CVSS5.3AI score0.00404EPSS
Exploits0References2
NVD
NVD
added 2026/02/27 9:16 p.m.7 views

CVE-2018-25160

HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...

6.5CVSS0.00404EPSS
Exploits0References4
OSV
OSV
added 2026/02/27 9:16 p.m.5 views

CVE-2018-25160

HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...

6.5CVSS6.1AI score
Exploits0References4
CVE
CVE
added 2026/02/27 8:15 p.m.15 views

CVE-2018-25160

Summary (CVE-2018-25160) : The Perl package HTTP::Session2 (versions through 1.09) does not validate the format of user-provided session IDs, enabling potential code injection or other impact depending on the session backend. Red Hat and EU/ENISA entries corroborate that insecure session-id handl...

6.5CVSS6.1AI score0.00404EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/02/27 8:15 p.m.20 views

CVE-2018-25160 HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend

HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...

0.00404EPSS
Exploits0References3
Rows per page
Query Builder