Lucene search
K

4 matches found

CVE
CVE
added 2026/01/06 3:52 p.m.7 views

CVE-2020-36913

All-Dynamics Software enlogic:show 2.0.2 is affected by a session-fixation vulnerability that allows an attacker to set a predefined PHP session identifier during login. By forging a crafted HTTP GET to welcome.php with a manipulated session token, an attacker can bypass authentication and potent...

8.5CVSS7AI score0.00318EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/01/06 3:52 p.m.2 views

CVE-2020-36913 All-Dynamics Software enlogic:show 2.0.2 Session Fixation Authentication Bypass

All-Dynamics Software enlogic:show 2.0.2 contains a session fixation vulnerability that allows attackers to set a predefined PHP session identifier during the login process. Attackers can forge HTTP GET requests to welcome.php with a manipulated session token to bypass authentication and...

8.5CVSS7AI score0.00318EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/06 3:52 p.m.24 views

CVE-2020-36913 All-Dynamics Software enlogic:show 2.0.2 Session Fixation Authentication Bypass

All-Dynamics Software enlogic:show 2.0.2 contains a session fixation vulnerability that allows attackers to set a predefined PHP session identifier during the login process. Attackers can forge HTTP GET requests to welcome.php with a manipulated session token to bypass authentication and...

8.5CVSS0.00318EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.3 views

All-Dynamics enlogic:show 安全漏洞

All-Dynamics enlogic:show is a digital signage management system from All-Dynamics, Germany. A security vulnerability exists in All-Dynamics enlogic:show version 2.0.2, which stems from the presence of a session fixation vulnerability that could lead to bypassing authentication and performing...

8.5CVSS6.8AI score0.00318EPSS
Exploits1References6
Rows per page
Query Builder