CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts...

CVE-2024-26330

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout, user credentials remain in memory while the process is still open, and can be obtained by dumping the process memory and parsing it...

PT-2024-21354 · Kape · Cyberghostvpn

Name of the Vulnerable Software and Affected Versions: Kape CyberGhostVPN version 8.4.3.12823 Description: An issue was discovered where user credentials remain in memory after a successful logout, while the process is still open. These credentials can be obtained by dumping the process memory an...

CyberGhostVPN Security Breach

CyberGhostVPN is a highly optimized VPN server from CyberGhostVPN Romania. A security vulnerability exists in CyberGhostVPN version 8.4.3.12823, which stems from a process that remains open after logging out, allowing an attacker to obtain user credentials by dumping the process memory and parsin...

CVE-2024-26330

CVE-2024-26330 affects Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout, user credentials stay in memory while the process remains open and can be retrieved by dumping and parsing the process memory. This is the root issue described across Red Hat and NVD entries, with practic...

CVE-2024-26330

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout, user credentials remain in memory while the process is still open, and can be obtained by dumping the process memory and parsing it...

GHSA-QR5F-6FCV-W69Q Typo3 Security Misconfiguration in Frontend Session Handling

It has been discovered session data of properly authenticated and logged in frontend users is kept and transformed into an anonymous user session during the logout process. This way the next user using the same client application gains access to previous session data...

GHSA-8G5H-GJWQ-W5CH Moodle Logout CSRF in admin/tool/mfa/auth.php

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

CVE-2024-34007

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

CVE-2024-34007

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

CVE-2024-34007

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

UBUNTU-CVE-2024-34007

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...

PT-2024-25635 · Mfa +2 · Mfa +2

Name of the Vulnerable Software and Affected Versions: MFA affected versions not specified Description: The issue concerns the logout option within MFA, which did not include the necessary token to prevent the risk of users being inadvertently logged out via CSRF. Recommendations: At the moment,...

TYPO3 Security Misconfiguration in Frontend Session Handling

It has been discovered session data of properly authenticated and logged in frontend users is kept and transformed into an anonymous user session during the logout process. This way the next user using the same client application gains access to previous session data...

GHSA-82VP-JR39-4J2J TYPO3 Security Misconfiguration in Frontend Session Handling

It has been discovered session data of properly authenticated and logged in frontend users is kept and transformed into an anonymous user session during the logout process. This way the next user using the same client application gains access to previous session data...

PT-2024-40176 · Packagist · Typo3/Cms-Core

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, use: Software affected versions not specified Description: A security issue has been found where session data of authenticated frontend users is not properly cleared during the logout process. As a...

PT-2024-27424 · WordPress · Login Logout Register Menu

Name of the Vulnerable Software and Affected Versions: Login Logout Register Menu plugin for WordPress versions up to, and including, 2.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's 'llrmloginlogout' shortcode...

CVE-2024-25977

The application does not change the session token when using the login or logout functionality. An attacker can set a session token in the victim's browser e.g. via XSS and prompt the victim to log in e.g. via a redirect to the login page. This results in the victim's account being taken over...