Lucene search

2356 matches found

Prion
added 2017/03/26 5:59 a.m., 11 views

Open redirect

Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header...

5.8 CVSS, 6.3 AI score, 0.00272 EPSS
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2017/03/09 9:59 a.m., 2 views

CVE-2017-6549

Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before...

8.8 CVSS, 5.8 AI score, 0.24524 EPSS
Exploits: 6, References: 4
Hacker One
added 2016/12/28 6:4 a.m., 21 views

Nextcloud: No session logout after changing password & also Android sessions not shown in sessions list so they can be deleted

There is no session logout after changing password, and also if admin needs to disconnect some session of Android, no Android sessions are shown in list. If attacker has password and logs in somehow using Android app, he may not be logged out as there is no session logout after changing password and...

1.9 AI score
Exploits: 0
Openbugbounty
added 2016/12/24 3:20 a.m., 9 views

jkonline.in Open Redirect vulnerability

Vulnerable URL: http://www.jkonline.in/Account/Logout?u=https://www.openbugbounty.org
Details:
Patched: No
Latest check for patch: 28.07.2017
Vulnerability type: Open Redirect
Vulnerability status: Publicly disclosed
Alexa Rank: 2867877
VIP website status: No
Check...

6.9 AI score
Exploits: 0
Openbugbounty
added 2016/12/24 3:14 a.m., 9 views

dnhonline.in Open Redirect vulnerability

Vulnerable URL: http://www.dnhonline.in/Account/Logout?u=https://www.openbugbounty.org
Details:
Patched: No
Latest check for patch: 28.07.2017
Vulnerability type: Open Redirect
Vulnerability status: Publicly disclosed
Alexa Rank: 8851447
VIP website status: No
Chec...

6.9 AI score
Exploits: 0
Hacker One
added 2016/12/23 6:30 a.m., 13 views

Gratipay: Session Fixation At Logout /Session Misconfiguration

Dear Support Team, Commonly after logout time, session should destroy and then new session should be created. But in your application, it is not possible and same session cookie is there before logout and after logout from your application. For further details please find the attachment...

1.2 AI score
Exploits: 0
Japan Vulnerability Notes
added 2016/12/19 4:36 a.m., 1 views

Cybozu Garoon vulnerable to cross-site request forgery

Overview: Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a cross-site request forgery vulnerability (CWE-352). Yasuda Yuya reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...

5.3 CVSS, 6.5 AI score, 0.00232 EPSS
Exploits: 0, References: 5
Openbugbounty
added 2016/12/15 2:19 p.m., 26 views

sonos.com XSS vulnerability

Vulnerable URL: https://www.sonos.com/login/logout/?returnURL="-confirmOPENBUGBOUNTY-"
Details:
Patched: No
Latest check for patch: 25.09.2017
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank: 13988
VIP website status: Yes
Coordinated...

6.3 AI score
Exploits: 0
OSV
added 2016/12/11 2:59 a.m., 17 views

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 6.8 AI score
Exploits: 0, References: 3
NVD
added 2016/12/11 2:59 a.m., 10 views

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 5 AI score, 0.00241 EPSS
Exploits: 0, References: 3
OSV
added 2016/12/11 2:59 a.m., 2 views

DEBIAN-CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 7.1 AI score, 0.00241 EPSS
Exploits: 0, References: 1
OSV
added 2016/12/11 2:59 a.m., 2 views

ALPINE-CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 6.9 AI score, 0.00241 EPSS
Exploits: 0, References: 1
UbuntuCve
added 2016/12/11 2:59 a.m., 26 views

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 6.5 AI score, 0.00241 EPSS
Exploits: 0, References: 2
OSV
added 2016/12/11 2:59 a.m., 1 views

UBUNTU-CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 6.4 AI score, 0.00241 EPSS
Exploits: 0, References: 3
Prion
added 2016/12/11 2:59 a.m., 13 views

Design/Logic Flaw

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5 CVSS, 6.8 AI score, 0.00241 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2016/12/11 2:0 a.m., 24 views

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 AI score, 0.00241 EPSS
Exploits: 0, References: 3
CVE
added 2016/12/11 2:0 a.m., 79 views

CVE-2016-9851

CVE-2016-9851 (phpMyAdmin) : A vulnerability allows bypass of the logout timeout via a crafted request parameter. Affected are all 4.6.x versions prior to 4.6.5 and 4.4.x versions prior to 4.4.15.9. The issue is documented in the initial CVE entry, with CVSS metrics indicating a low to medium imp...

5.3 CVSS, 5.2 AI score, 0.00241 EPSS
Exploits: 0, References: 3, Affected Software: 1
Debian CVE
added 2016/12/11 2:0 a.m., 17 views

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 5.5 AI score, 0.00241 EPSS
Exploits: 0
AlpineLinux
added 2016/12/11 2:0 a.m., 25 views

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions prior to 4.6.5, and 4.4.x versions prior to 4.4.15.9 are affected...

5.3 CVSS, 5.5 AI score, 0.00241 EPSS
Exploits: 0
Hacker One
added 2016/12/08 12:27 a.m., 24 views

Urban Dictionary: Text injection on Auth problem at urbandictionary.com

A text injection bug was found and fixed. Simple text injection over Logout IDOR at Urban Dictionary :...

2.2 AI score
Exploits: 0