Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-35844

Malicious code in bioql PyPI...

7.5CVSS7.8AI score0.01123EPSS
Exploits0References2
OSV
OSVadded 2022/08/22 7:15 p.m.12 views

CVE-2022-32778

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the...

7.5CVSS6.6AI score
Exploits0References2
Prion
Prionadded 2022/08/22 7:15 p.m.13 views

Information disclosure

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the...

5CVSS7.3AI score0.01123EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/08/22 6:28 p.m.58 views

CVE-2022-32778

WWBN AVideo 11.6 and dev master commit 3f7c0364 are affected by information-disclosure cookies issues (CVE-2022-32777 and CVE-2022-32778) per TALOS-2022-1542. The session cookie lacks HttpOnly and Secure flags, allowing access via JavaScript and leakage over non-HTTPS. The pass cookie also lacks ...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/08/22 6:28 p.m.7 views

CVE-2022-32778

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/08/22 6:28 p.m.14 views

CVE-2022-32778

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the...

7.5CVSS7.5AI score0.01123EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/08/16 12:0 a.m.1 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in WWBN AVideo version 11.6, which stems from a missing HttpOnly flag in the session cookie and pass cookie, which can disclose sensitive information...

7.5CVSS7.5AI score0.01123EPSS
Exploits0References5
Cvelist
Cvelistadded 2018/09/05 9:0 p.m.13 views

CVE-2018-15681

An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully steals this cookie c...

9.4AI score0.00194EPSS
Exploits1References1
Rows per page
Query Builder