7 matches found

RedhatCVE
added 2025/02/15 4:23 p.m. | 4 views

CVE-2024-12012

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the session tokens are included as part of the URL and therefore exposed to information leakage...

CVSS 5.7 | AI score 7.1 | EPSS 0.00064
Exploits: 0 | References: 1
CVE
added 2025/02/13 4:1 p.m. | 43 views

CVE-2024-12012

CVE-2024-12012 affects Nozomi Networks TCP/IP Gateway (firmware 12h). The flaw stems from CWE-598: GET requests carrying sensitive query strings leak the SHA-1 password hash and session tokens via the URL, enabling information leakage and potential bypass of authentication (pass-the-hash). Affect...

CVSS 5.7 | AI score 7.2 | EPSS 0.00064
Exploits: 0 | References: 1
Packet Storm
added 2023/01/27 12:0 a.m. | 288 views

Micro Focus GroupWise Session ID Disclosure

Trovent Security Advisory 2203-01 Micro Focus GroupWise transmits session ID in URL Overview Advisory ID: TRSA-2203-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2203-01 Affected product: Micro Focus GroupWise Affected version: prior to 18.4.2...

CVSS 4.3 | AI score 4.8 | EPSS 0.00184
Exploits: 2
Hacker One
added 2021/03/10 11:6 p.m. | 183 views

GitHub Security Lab: [Java] CWE-598: Use of GET Request Method with Sensitive Query Strings

This bug was reported directly to GitHub Security Lab...

AI score 1.2
Exploits: 0
securityvulns
added 2014/10/15 12:0 a.m. | 58 views

Encore Discovery Solution Multiple Vulnerability Disclosure

Product: Encore Discovery Solution Vendor: Innovative Interfaces Inc Vulnerable Version: 4.3 Tested Version: 4.3 Vendor Notification: June 19, 2014 Public Disclosure: August 26, 2014 Vulnerability Type: Open Redirect CWE-601 CVE Reference: CVE-2014-5127 Risk Level: Medium CVSSv2 Base Score: 4.3...

CVSS 5.8 | AI score 0.8 | EPSS 0.00388
Exploits: 0
securityvulns
added 2013/09/09 12:0 a.m. | 80 views

SilverStripe(R) Information Exposure Through Query Strings in GET Request (CWE-598)

SilverStripe(R) Information Exposure Through Query Strings in GET Request CWE-598 - CVE: CVE-2013-2653 - CWE: CWE-598 - Deloitte Argentina Advisory Code: DTTAR-20130002 - Vendor Status: CONFIRMED - Vendor Disclosure Date: May, 8th, 2013. - Public Disclosure Date: August, 1st, 2013. - Vendors...

CVSS 5.8 | AI score 0.2 | EPSS 0.05747
Exploits: 2
Packet Storm
added 2013/08/02 12:0 a.m. | 72 views

SilverStripe CMS 3.0.3 Information Disclosure

SilverStripe(R) Information Exposure Through Query Strings in GET Request CWE-598 - CVE: CVE-2013-2653 - CWE: CWE-598 - Deloitte Argentina Advisory Code: DTTAR-20130002 - Vendor Status: CONFIRMED - Vendor Disclosure Date: May, 8th, 2013. - Public Disclosure Date: August, 1st, 2013. - Vendors...

CVSS 5.8 | AI score 6.5 | EPSS 0.05747
Exploits: 2