10 matches found
CVE-2026-44054 Predictable afpd session token
Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...
Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack
Exploit Title: Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production...
CVE-2021-42949
The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...
CVE-2021-42949
The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...
UBUNTU-CVE-2021-42949
The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...
Authentication flaw
The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...
CA 2E Web Option session spooging
Pridictable session token...
CA 2E Web Option 8.1.2身份验证绕过漏洞
CVECAN ID: CVE-2014-1219 CA 2E Web Option是CA 2E应用Web接口开发工具。 CA 2E Web Option r8.1.2生成会议令牌的方式可以预测,在实现上存在安全漏洞,这可使远程攻击者绕过身份验证机制。 0 CA 2E Web Option 8.1.2 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.ca.com/us//media/files/productbriefs/cs3003-ca-2e-web-option.aspx Vulnerability title:...
CA 2E Web Option 8.1.2 - Authentication Bypass Vulnerability
Exploit for multiple platform in category web applications Details: CA 2E Web Option r8.1.2 and potentially others, is vulnerable to unauthenticated privilege escalation via a predictable session token. The POST parameter session token W2ESSNID appears as follows:...
CA 2E Web Option 8.1.2 - Authentication Bypass
Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially others, is vulnerable to unauthenticated privilege...