Lucene search
K

4 matches found

Snyk
Snyk
added 2026/02/17 4:43 p.m.4 views

Authorization Bypass Through User-Controlled Key

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the sessionKey parameter in the POST /hooks/agent endpoint. An attacker can inject messages or prompts into arbitrary sessions by...

7.1CVSS6AI score0.00284EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/24 12:0 a.m.7 views

PT-2022-12629 · Lanner · Iac-Ast2500A

Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A version 1.10.0 Description: Session fixation and insufficient session expiration vulnerabilities allow an attacker to perform session hijacking attacks against users. Recommendations: For Lanner Inc IAC-AST2500A versio...

8.8CVSS8.7AI score0.00399EPSS
Exploits0References4
CNVD
CNVD
added 2017/09/13 12:0 a.m.5 views

WordPress Photocrati NextGEN Gallery Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Photocrati NextGEN Gallery plugin is one of the image management plugin. A cross-site scripting vulnerability exist...

4.8CVSS5AI score0.00993EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2009/01/19 12:0 a.m.3 views

PT-2009-2743 · Squirrelmail +1 · Squirrelmail +1

Name of the Vulnerable Software and Affected Versions: SquirrelMail version 1.4.8 Description: The issue allows remote authenticated users to access other users' folder lists and configuration data under certain circumstances by using the standard webmail.php interface. This occurs because a Red...

6.5CVSS7.3AI score0.01855EPSS
Exploits1References14
Rows per page
Query Builder