2352 matches found

Cvelist
added 2025/03/14 6:11 p.m. | 17 views

CVE-2024-12245 Blind SQL Injection in Logout

Logout functionality contains a blind SQL injection that can be exploited by unauthenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain...

CVSS: 8.7 | EPSS: 0.00126
Exploits: 0 | References: 1

Vulnrichment
added 2025/03/14 6:11 p.m. | 4 views

CVE-2024-12245 Blind SQL Injection in Logout

Logout functionality contains a blind SQL injection that can be exploited by unauthenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain...

CVSS: 8.7 | AI score: 8 | EPSS: 0.00126
Exploits: 0 | References: 1

NVD
added 2025/03/14 5:15 p.m. | 5 views

CVE-2025-27606

Element Android is an Android Matrix Client provided by Element. Element Android up to version 1.6.32 can, under certain circumstances, fail to logout the user if they input the wrong PIN more than the configured amount of times. An attacker with physical access to a device can exploit this to...

CVSS: 5.1 | EPSS: 0.00084
Exploits: 0 | References: 3

OSV
added 2025/03/14 4:56 p.m. | 4 views

CVE-2025-27606 Element Android PIN autologout bypass

Element Android is an Android Matrix Client provided by Element. Element Android up to version 1.6.32 can, under certain circumstances, fail to logout the user if they input the wrong PIN more than the configured amount of times. An attacker with physical access to a device can exploit this to...

CVSS: 5.1 | AI score: 6.5 | EPSS: 0.00084
Exploits: 0 | References: 5

CNNVD
added 2025/03/14 12:0 a.m. | 2 views

Element Android Security Vulnerability

Element Android is an Android Matrix client for the open source Element. A security vulnerability exists in Element Android version 1.6.32 and earlier, which stems from a failure to logout a user when entering an incorrect PIN more than a configured number of times, which could lead to an attacke...

CVSS: 5.1 | AI score: 6.6 | EPSS: 0.00084
Exploits: 0 | References: 5

OSV
added 2025/02/27 6:15 p.m. | 1 views

CVE-2025-1745

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. This vulnerability affects unknown code of the component Logout. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may...

CVSS: 5.3 | AI score: 4.6
Exploits: 0 | References: 4

Cvelist
added 2025/02/27 5:31 p.m. | 10 views

CVE-2025-1745 LinZhaoguan pb-cms Logout cross-site request forgery

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. This vulnerability affects unknown code of the component Logout. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may...

CVSS: 5.3 | EPSS: 0.00119
Exploits: 1 | References: 4

Vulnrichment
added 2025/02/27 5:31 p.m. | 5 views

CVE-2025-1745 LinZhaoguan pb-cms Logout cross-site request forgery

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. This vulnerability affects unknown code of the component Logout. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may...

CVSS: 5.3 | AI score: 4.8 | EPSS: 0.00119
Exploits: 1 | References: 4

CNVD
added 2025/02/27 12:0 a.m. | 2 views

CMSimple Cross-Site Scripting Vulnerability (CNVD-2026-00535)

CMSimple is a free content management system. A cross-site scripting vulnerability exists in CMSimple that stems from the Logout parameter in the Language section of the Settings menu not properly filtering user input. No details of the vulnerability are available at this time...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.00231
Exploits: 1 | References: 1

Positive Technologies
added 2025/02/27 12:0 a.m. | 3 views

PT-2025-8979 · Unknown · Linzhaoguan Pb-Cms

Name of the Vulnerable Software and Affected Versions: LinZhaoguan pb-cms version 2.0
Description: A vulnerability has been found in the Logout component of LinZhaoguan pb-cms, affecting unknown code and leading to cross-site request forgery. The attack can be initiated remotely. The exploit has...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.00119
Exploits: 1 | References: 7

RedhatCVE
added 2025/02/22 12:21 p.m. | 6 views

CVE-2024-49344

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout...

CVSS: 4.3 | AI score: 6.6 | EPSS: 0.00079
Exploits: 0

OSV
added 2025/02/20 12:15 p.m. | 2 views

CVE-2024-49344

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00079
Exploits: 0 | References: 1

CVE
added 2025/02/20 12:8 p.m. | 52 views

CVE-2024-49344

IBM OpenPages with Watson (versions 8.3 and 9.0) is affected by CVE-2024-49344 where a chat session remains active after user logout, enabling a session fixation issue. Affected component: OpenPages with Watson Assistant chat feature; root cause: chat session not terminated on logout. Impact: lim...

CVSS: 4.3 | AI score: 4.6 | EPSS: 0.00079
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/02/15 2:22 p.m. | 12 views

CVE-2025-26547

Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through <= 2.4...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00096
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/14 12:31 a.m. | 6 views

CVE-2024-35049

SurveyKing v1.3.1 was discovered to keep users' sessions active after logout. Related to an incomplete fix for CVE-2022-25590...

CVSS: 9.1 | AI score: 7.1 | EPSS: 0.00403
Exploits: 2 | References: 1

RedhatCVE
added 2025/02/13 4:50 p.m. | 5 views

CVE-2025-24973

Concorde, formerly known as Nexkey, is a fork of the federated microblogging platform Misskey. Prior to version 12.25Q1.1, due to an improper implementation of the logout process, authentication credentials remain in cookies even after a user has explicitly logged out, which may allow an attacker ...

CVSS: 9.3 | AI score: 6.8 | EPSS: 0.00077
Exploits: 0 | References: 1

NVD
added 2025/02/13 2:16 p.m. | 12 views

CVE-2025-26547

Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through <= 2.4...

CVSS: 7.1 | EPSS: 0.00096
Exploits: 0 | References: 1

Cvelist
added 2025/02/13 1:52 p.m. | 20 views

CVE-2025-26547 WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through <= 2.4...

CVSS: 7.1 | EPSS: 0.00096
Exploits: 0 | References: 1

CVE
added 2025/02/13 1:52 p.m. | 61 views

CVE-2025-26547

CVE-2025-26547 describes a CSRF-based vulnerability in the WordPress plugin My Login Logout Plugin (versions n/a through 2.4) that enables Stored XSS. Underlying issue is CSRF allowing injected scripts to be stored and later executed by other users. Reported base CVSS v3.1 score is 7.1 (High) wit...

CVSS: 7.1 | AI score: 7.2 | EPSS: 0.00096
Exploits: 0 | References: 1

Vulnrichment
added 2025/02/13 1:52 p.m. | 11 views

CVE-2025-26547 WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in nagarjunsonti My Login Logout Plugin allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through 2.4...

CVSS: 7.1 | AI score: 6.8 | EPSS: 0.00096
Exploits: 0 | References: 1