37 matches found

CNNVD
added 2026/02/11 12:0 a.m. · 2 views

ZBT WE2001 Security Vulnerability

ZBT WE2001 is a wireless router produced by ZBT Technology Co., Ltd. Version 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from path traversal vulnerabilities in the logout function, which could allow remote attackers to delete any file on the host...

5.3 CVSS · 5.9 AI score · 0.00125 EPSS
Exploits 0 · References 2
RedhatCVE
added 2026/01/15 7:23 a.m. · 3 views

CVE-2025-14173

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admin_init. This makes it possible for unauthenticated...

5.3 CVSS · 6.1 AI score · 0.00128 EPSS
Exploits 0 · References 1
NVD
added 2026/01/14 7:16 a.m. · 2 views

CVE-2025-14173

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admin_init. This makes it possible for unauthenticated...

5.3 CVSS · 0.00128 EPSS
Exploits 0 · References 3
CVE
added 2026/01/14 6:40 a.m. · 10 views

CVE-2025-14173

CVE-2025-14173 concerns the Perfit WooCommerce plugin for WordPress. The vulnerability is due to missing authorization on the logout function invoked through the actions hook on admin_init, affecting all versions up to and including 1.0.1. This enables unauthenticated attackers to delete arbitrar...

5.3 CVSS · 5.7 AI score · 0.00128 EPSS
Exploits 0 · References 3
RedhatCVE
added 2026/01/09 10:56 a.m. · 3 views

CVE-2022-38463

ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality...

6.1 CVSS · 6.3 AI score · 0.48128 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-59631

Malicious code in bioql PyPI...

4 CVSS · 6.6 AI score · 0.00152 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-53587

Malicious code in bioql PyPI...

7.5 CVSS · 6.6 AI score · 0.00187 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/07/13 6:14 p.m. · 5 views

CVE-2025-53642

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6...

6.5 CVSS · 6.5 AI score · 0.00164 EPSS
Exploits 0 · References 1
Cvelist
added 2025/07/11 5:33 p.m. · 6 views

CVE-2025-53642 haxcms-nodejs and haxcms-php Improperly Terminate Sessions

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6...

4.8 CVSS · 0.00164 EPSS
Exploits 0 · References 1
CVE
added 2025/07/11 5:33 p.m. · 13 views

CVE-2025-53642

The CVE concerns haxcms-nodejs and haxcms-php backends for HAXcms. The logout flow does not terminate the user session or clear cookies, and a refresh token is issued on logout, enabling potential continued access. Affected versions are haxcms-nodejs and haxcms-php prior to 11.0.6. The issue is m...

6.5 CVSS · 6.5 AI score · 0.00164 EPSS
Exploits 0 · References 1 · Affected Software 2
Vulnrichment
added 2025/07/11 5:33 p.m. · 3 views

CVE-2025-53642 haxcms-nodejs and haxcms-php Improperly Terminate Sessions

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6...

4.8 CVSS · 7.1 AI score · 0.00164 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 7:11 a.m. · 2 views

CVE-2024-57433

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still available and fetches information in the logged-in state...

7.5 CVSS · 6.6 AI score · 0.00187 EPSS
Exploits 1 · References 1
Positive Technologies
added 2025/02/06 12:0 a.m. · 0 views

PT-2025-5824 · Webkul · Webkul Qloapps

Name of the Vulnerable Software and Affected Versions: Webkul QloApps version 1.6.1

Description: A problematic issue was found in Webkul QloApps, affecting the logout function of the "/en/?mylogout" endpoint in the URL Handler component. This issue leads to cross-site request forgery and can be...

5.3 CVSS · 4.3 AI score · 0.0021 EPSS
Exploits 1 · References 11
CVE
added 2025/01/31 12:0 a.m. · 70 views

CVE-2024-57433

CVE-2024-57433 affects macrozheng mall-tiny 1.0.1. The vulnerability is described as Incorrect Access Control via the logout function: after logout, the user’s token remains available and can be used to fetch information in the logged-in state. This is supported by multiple feeds in connected doc...

7.5 CVSS · 6.3 AI score · 0.00187 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2025/01/31 12:0 a.m. · 9 views

CVE-2024-57433

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still available and fetches information in the logged-in state...

0.00187 EPSS
Exploits 1 · References 1
OSV
added 2024/10/21 8:15 p.m. · 0 views

CVE-2024-46326

Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack of input sanitization in the logout function...

6.1 CVSS · 5.8 AI score · 0.00074 EPSS
Exploits 0 · References 3
Cvelist
added 2024/10/21 12:0 a.m. · 12 views

CVE-2024-46326

Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack of input sanitization in the logout function...

0.00074 EPSS
Exploits 0 · References 3
Positive Technologies
added 2024/10/21 12:0 a.m. · 1 views

PT-2024-31956 · Public Knowledge · Pkp-Lib

Name of the Vulnerable Software and Affected Versions: Public Knowledge Project pkp-lib versions 3.4.0-7 and earlier

Description: The issue is related to an Open redirect vulnerability due to a lack of input sanitization in the logout function.

Recommendations: For Public Knowledge Project pkp-li...

6.1 CVSS · 6.9 AI score · 0.00074 EPSS
Exploits 0 · References 5
CNNVD
added 2024/07/30 12:0 a.m. · 1 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from the use of a destroyed mutex lock by the logout function of the LED class in the leds:an30259a module...

5.5 CVSS · 6.6 AI score · 0.00026 EPSS
Exploits 0 · References 4
CNVD
added 2023/10/23 12:0 a.m. · 20 views

HCL Technologies Compass Access Control Error Vulnerability

HCL Technologies Compass is a low-code change management software from HCL Technologies, USA. Manages the full range of testing activities and integration with developer tools. HCL Technologies Compass suffers from an Access Control Error vulnerability that stems from the application not disablin...

7.1 CVSS · 6.7 AI score · 0.00093 EPSS
Exploits 0 · References 1