3 matches found
CVE-2022-30605
Summary (concrete): WWBN AVideo 11.6 (and dev master commit 3f7c0364) is affected by a session-id privilege-escalation vulnerability. The flaw, described in TALOS-2022-1535, lets an attacker hijack an admin/user session by supplying a crafted PHPSESSID via a GET parameter, effectively enabling se...
CVE-2022-30605
A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability...
WWBN AVideo session id privilege escalation vulnerability
Talos Vulnerability Report TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability August 16, 2022 CVE Number CVE-2022-30605 SUMMARY A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafte...