Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7643

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-3686

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2025/03/10 10:15 a.m.32 views

CVE-2025-24387

A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...

6.5CVSS0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/10 9:28 a.m.32 views

CVE-2025-24387 Missing CSRF protection

A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...

4.8CVSS0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/10 9:28 a.m.18 views

CVE-2025-24387 Missing CSRF protection

A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...

4.8CVSS7.1AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 5:59 a.m.59 views

CVE-2025-24390

The CVE-2025-24390 issue affects OTRS Application Server and reverse proxy configurations, enabling session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. Affected: OTRS 7.0.X, 8.0.X, 2023.X, 2024.X. Root cause: incomplete cookie security attributes in HTTPS ...

6.8CVSS6.6AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 5:59 a.m.19 views

CVE-2025-24390 Missing Cookie Flags

A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X...

6.8CVSS0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/19 12:0 a.m.5 views

OTRS SQL注入漏洞

OTRS is an application from OTRS Germany. A service management software. OTRS AG OTRS, OTRS AG OTRS Community Edition Version 7.0.1 up to and including version 7.0.40 Patch 1, version 8.0.1 up to and including version 8.0.28 Patch 1, and version 6.0.1 up to and including version 6.0.34 has a SQL...

9.8CVSS5.9AI score0.00715EPSS
Exploits0References5
CNVD
CNVD
added 2021/06/17 12:0 a.m.7 views

OTRS AG OTRS Input Validation Error Vulnerability

OTRS is an application from the German company OTRS. A service management software. OTRS AG An input validation error vulnerability exists in OTRS that arises from the system not properly validating incoming data. An attacker placing a specially crafted URL in the body of an email message could...

6.5CVSS6.7AI score0.00976EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

OTRS 2.0 index.pl Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15537/info OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to multiple SQL-injection...

7.1AI score
Exploits0
Rows per page
Query Builder