Lucene search
K

159 matches found

CVE
CVE
added 2024/05/23 9:29 p.m.85 views

CVE-2024-5294

The CVE-2024-5294 entry concerns the D-Link DIR-3040 router. The vulnerable component is prog.cgi (HNAP handler for the lighttpd server on ports 80/443). The root cause is improper memory management when processing HTTP cookie values, causing a memory leak that enables a denial-of-service conditi...

6.5CVSS4.3AI score0.0046EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2023/11/16 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-6473-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.01207EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.41 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PHP vulnerabilities (USN-4583-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4583-1 advisory. It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease...

6.5CVSS7.1AI score0.05029EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.51 views

K11435435: PHP vulnerability CVE-2020-7070

Security Advisory Description In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like Host confused with cookies that decode to such prefix, thu...

5.3CVSS6.5AI score0.05029EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.31 views

K13434228: Apache Struts vulnerability CVE-2012-0392

Security Advisory Description The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...

6.8CVSS9.5AI score0.96787EPSS
Exploits1
Huntr
Huntr
added 2022/11/03 8:0 p.m.16 views

XSS Stored inside Standard Interface Help Link href attribute

📜 Description Cross-site scripting XSS is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. The persistent or stored XSS vulnerability is a more devastating variant of a...

Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/10/20 12:0 a.m.7 views

The vulnerability of the CookieInterceptor class implementation in the Apache Struts software platform allows a hacker to execute arbitrary code.

The vulnerability of the CookieInterceptor class implementation in the Apache Struts software platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to execute arbitrary code using a specially created HTTP cookie header...

7.3CVSS8.2AI score0.96787EPSS
Exploits1References10Affected Software2
CVE
CVE
added 2022/05/27 12:56 p.m.90 views

CVE-2022-29733

CVE-2022-29733 affects Delta Controls enteliTOUCH, versions 3.40.3935, 3.40.3706, and 3.33.4005. The root cause is cleartext transmission/storage of sensitive information in HTTP cookies, enabling a man‑in‑the‑middle attacker to intercept cookie authentication credentials. Multiple sources (NVD e...

5.9CVSS5.6AI score0.00664EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2022/05/27 12:56 p.m.25 views

CVE-2022-29733

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and store sensitive information in cleartext. This vulnerability allows attackers to intercept HTTP Cookie authentication credentials via a man-in-the-middle attack...

5.8AI score0.00664EPSS
Exploits2References2
Hacker One
Hacker One
added 2022/05/05 5:48 p.m.37 views

curl: Cookie injection from non-secure context

Summary: Curl allows injecting cookies over insecure HTTP connection that will then be sent to the target site when connecting over HTTPS. As documented in lib/cookie.c https://github.com/curl/curl/blob/a04f0b961333e1a19848d073d8c7db9c20b2a371/lib/cookie.cL1039 this should not be possible: / A...

0.5AI score
Exploits0
OSV
OSV
added 2022/05/04 12:29 a.m.21 views

GHSA-2PPP-XJ34-VVF7 Apache Struts's CookieInterceptor component does not use the parameter-name whitelist

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...

6.8CVSS9.7AI score0.96787EPSS
Exploits1References10
0day.today
0day.today
added 2022/04/14 12:0 a.m.225 views

Delta Controls enteliTOUCH 3.40.3935 Cookie User Password Disclosure Vulnerability

Delta Controls enteliTOUCH 3.40.3935 Cookie User Password Disclosure Vendor: Delta Controls Inc. Product web page: https://www.deltacontrols.com Affected version: 3.40.3935 3.40.3706 3.33.4005 Summary: enteliTOUCH - Touchscreen Building Controller. Get instant access to the heart of your BAS. The...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/01 12:0 a.m.422 views

Cisco Small Business RV Series Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Small Business RV Series Authentication Bypass and Command Injection', 'Description' = %q This module exploits an authentication bypass...

9.8CVSS1.1AI score0.72472EPSS
Exploits8
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2015-0227)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.04345EPSS
Exploits0References6
NVD
NVD
added 2021/10/22 7:15 p.m.19 views

CVE-2021-41171

eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in HTTP Cookie header. This issue has been addressed by implementing...

8.8CVSS0.01883EPSS
Exploits1References5
OSV
OSV
added 2021/10/22 7:15 p.m.7 views

CVE-2021-41171

eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in HTTP Cookie header. This issue has been addressed by implementing...

8.8CVSS6.9AI score
Exploits0References5
Prion
Prion
added 2021/10/22 7:15 p.m.12 views

Design/Logic Flaw

eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in HTTP Cookie header. This issue has been addressed by implementing...

4CVSS8.6AI score0.01883EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2020/10/16 5:4 p.m.9 views

MGASA-2020-0387 Updated php packages fix a security vulnerability

In PHP versions 7.2.x when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure...

5.3CVSS6.1AI score0.05029EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.153 views

PHP 7.4.x < 7.4.11 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...

6.5CVSS6.8AI score0.05029EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.59 views

PHP 7.3.x < 7.3.23 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...

6.5CVSS6.8AI score0.05029EPSS
Exploits1References3
Rows per page
Query Builder