Lucene search
+L

44 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-1945

Malware in sbrugna...

7.5CVSS6.4AI score0.01406EPSS
Exploits0References4
NVD
NVD
added 2022/04/14 9:15 p.m.21 views

CVE-2020-25152

A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges...

8.1CVSS0.01231EPSS
Exploits0References2
Prion
Prion
added 2018/10/31 4:29 p.m.18 views

Session fixation

Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web sessions via the PHPSESSID parameter...

6.8CVSS6.3AI score0.0096EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/08/23 4:0 p.m.64 views

CVE-2017-12965

Apache2Triad v1.5.4 on Windows is affected by CVE-2017-12965, a session-fixation vulnerability that allows remote attackers to hijack web sessions via the PHPSESSID parameter. Descriptions across sources (NVD/CNVD) consistently identify Session Fixation as the issue; exploit details are not provi...

9.8CVSS9.3AI score0.15668EPSS
Exploits5References4Affected Software1
Prion
Prion
added 2017/08/02 7:29 p.m.16 views

Session fixation

Session fixation vulnerability in Unit4 Polska TETA Web formerly TETA Galactica 22.62.3.4 and earlier allows remote attackers to hijack web sessions via a session id...

7.5CVSS7.2AI score0.02908EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/08/02 7:0 p.m.39 views

CVE-2015-1174

CVE-2015-1174 affects Unit4 Polska TETA Web (formerly TETA Galactica) up to version 22.62.3.4. The vulnerability is a session fixation flaw that allows a remote attacker to hijack a user’s web session by manipulating the session identifier. The CNVD entry corroborates the affected software and vu...

9.8CVSS9.2AI score0.02908EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/03/03 3:59 p.m.14 views

Session fixation

Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie...

7.5CVSS7.2AI score0.01386EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2015/10/04 2:59 a.m.16 views

Session fixation

Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier...

4.3CVSS6.9AI score0.01205EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2014/09/08 2:55 p.m.20 views

CVE-2014-0152

Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

6.8CVSS6.6AI score0.01757EPSS
Exploits1References2
Prion
Prion
added 2014/09/08 2:55 p.m.18 views

Session fixation

Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

6.8CVSS7.2AI score0.01757EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2014/07/02 10:0 a.m.23 views

CVE-2014-4691

Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie...

6.5AI score0.02562EPSS
Exploits0References1
Prion
Prion
added 2014/07/01 12:55 a.m.18 views

Session fixation

Session fixation vulnerability in the Report Advisor RA component in EMC Network Configuration Manager NCM before 9.3 allows remote attackers to hijack web sessions via a session cookie...

5.4CVSS7.1AI score0.0158EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/06/02 3:55 p.m.14 views

Session fixation

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauthSession cookie...

6.8CVSS7.2AI score0.01161EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/04/21 2:0 p.m.57 views

CVE-2014-2341

CubeCart prior to version 5.2.9 is vulnerable to a session-fixation flaw where an attacker can hijack a user session via the PHPSESSID parameter. The vulnerability stems from inadequate session protection (the only guard referenced is the User-Agent header in 5.2.8); PoCs show manipulating the PH...

6.8CVSS6.7AI score0.05825EPSS
Exploits4References7Affected Software1
Prion
Prion
added 2014/03/14 4:55 p.m.19 views

Session fixation

Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors...

6.8CVSS7.1AI score0.0129EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/21 10:0 a.m.39 views

CVE-2013-5971

Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors...

6.7AI score0.02023EPSS
Exploits0References4
Prion
Prion
added 2013/08/13 3:4 p.m.32 views

Session fixation

Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID...

6.8CVSS9.2AI score0.036EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2013/05/16 3:36 a.m.14 views

Session fixation

Session fixation vulnerability in Cisco Secure Access Control System ACS allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787...

6.8CVSS7.2AI score0.01209EPSS
Exploits0References1
Prion
Prion
added 2012/11/18 9:55 p.m.16 views

Session fixation

Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...

6.8CVSS7.1AI score0.0242EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/11/18 9:0 p.m.45 views

CVE-2012-4937

CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...

6.8CVSS6.8AI score0.0242EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder