44 matches found
EUVD-2007-1945
Malware in sbrugna...
CVE-2020-25152
A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges...
Session fixation
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web sessions via the PHPSESSID parameter...
CVE-2017-12965
Apache2Triad v1.5.4 on Windows is affected by CVE-2017-12965, a session-fixation vulnerability that allows remote attackers to hijack web sessions via the PHPSESSID parameter. Descriptions across sources (NVD/CNVD) consistently identify Session Fixation as the issue; exploit details are not provi...
Session fixation
Session fixation vulnerability in Unit4 Polska TETA Web formerly TETA Galactica 22.62.3.4 and earlier allows remote attackers to hijack web sessions via a session id...
CVE-2015-1174
CVE-2015-1174 affects Unit4 Polska TETA Web (formerly TETA Galactica) up to version 22.62.3.4. The vulnerability is a session fixation flaw that allows a remote attacker to hijack a user’s web session by manipulating the session identifier. The CNVD entry corroborates the affected software and vu...
Session fixation
Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie...
Session fixation
Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier...
CVE-2014-0152
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
Session fixation
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2014-4691
Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie...
Session fixation
Session fixation vulnerability in the Report Advisor RA component in EMC Network Configuration Manager NCM before 9.3 allows remote attackers to hijack web sessions via a session cookie...
Session fixation
Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauthSession cookie...
CVE-2014-2341
CubeCart prior to version 5.2.9 is vulnerable to a session-fixation flaw where an attacker can hijack a user session via the PHPSESSID parameter. The vulnerability stems from inadequate session protection (the only guard referenced is the User-Agent header in 5.2.8); PoCs show manipulating the PH...
Session fixation
Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2013-5971
Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors...
Session fixation
Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID...
Session fixation
Session fixation vulnerability in Cisco Secure Access Control System ACS allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787...
Session fixation
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4937
CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...