CVE-2025-69581

Chamillo LMS 1.11.2 has a data exposure flaw on the Social Network /personal_data endpoint due to missing cache-control headers. This allows unauthorized users on the same device to view full sensitive user data after logout (via the browser back button). Root cause: improper cache control. Impac...

nopCommerce 安全漏洞

nopCommerce is a suite of open source, general purpose e-commerce platforms from nopCommerce, Inc. A security vulnerability exists in nopCommerce versions prior to 4.70 and 4.80.3, which stems from a failure to invalidate a session cookie after logout or session termination, which could lead to...

CVE-2023-39695

Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and data after logging out...

CVE-2023-40537

An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

MantisBT 代码问题漏洞

MantisBT is MantisBT Mantisbt team of a Web-based open source defect tracking system . The system provides project management and defect tracking services in the form of Web operations. A security vulnerability exists in MantisBT before 2.24.5 that stems from associating a unique cookie string wi...

UBUNTU-CVE-2012-5868

WordPress 3.4.2 does not invalidate a wordpresssec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack, or modify data via a replay attack...