CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pchead.php, pclogin.php, and pcloginpage.php...

5CVSS9.3AI score0.00441EPSS

Exploits0References2Affected Software1

NVD•added 2016/04/06 11:59 p.m.•10 views

CVE-2016-2272

Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to have an unspecified impact via a modified cookie...

7.5CVSS7.6AI score0.00321EPSS

Exploits0References1

Prion•added 2016/04/06 11:59 p.m.•11 views

Code injection

Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to have an unspecified impact via a modified cookie...

5CVSS7.3AI score0.00321EPSS

Exploits0References1Affected Software1

Cvelist•added 2016/04/06 11:0 p.m.•14 views

CVE-2016-2272

Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to have an unspecified impact via a modified cookie...

7.6AI score0.00321EPSS

Exploits0References1

Prion•added 2016/03/03 10:59 p.m.•11 views

Design/Logic Flaw

IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie...

3.5CVSS6.5AI score0.00128EPSS

Exploits0References3Affected Software1

Prion•added 2013/07/03 1:54 p.m.•12 views

Path traversal

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path...

4CVSS6.5AI score0.00154EPSS

Exploits0References2Affected Software2

Cvelist•added 2013/07/03 10:0 a.m.•21 views

CVE-2013-0456

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path...

6.1AI score0.00154EPSS

Exploits0References2

Cvelist•added 2010/07/09 5:0 p.m.•16 views

CVE-2009-4927

WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1...

7.1AI score0.01693EPSS

Exploits1References3

NVD•added 2008/04/22 4:41 a.m.•9 views

CVE-2008-1904

Cicoandcico CcMail 1.0.1 and earlier does not verify that the thiscookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified thiscookie cookie...

7.5CVSS6.4AI score0.04517EPSS

Exploits1References4

Cvelist•added 2008/04/21 11:0 p.m.•14 views

CVE-2008-1904

6.4AI score0.04517EPSS

Exploits1References4

Cvelist•added 2008/03/04 7:0 p.m.•12 views

CVE-2008-1134

OMEGA aka Omegasoft INterneSErvicesLosungen INSEL 7 supports authentication with a cookie that lacks a shared secret, which allows remote attackers to login as an arbitrary user via a modified cookie...

7AI score0.02687EPSS

Exploits0References4

NVD•added 2007/06/29 6:30 p.m.•9 views

CVE-2007-3500

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie...

10CVSS6.9AI score0.00908EPSS

Exploits0References4

Cvelist•added 2007/06/29 6:0 p.m.•15 views

CVE-2007-3500

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie...

6.9AI score0.00908EPSS

Exploits0References4

NVD•added 2007/04/10 11:19 p.m.•9 views

CVE-2007-1925

The borrado function in modules/YourAccount/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie...

6.5CVSS6.3AI score0.01023EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by