9 matches found
EUVD-2021-0517
Malware in sbrugna...
Information DIsclosure
mautic/core is vulnerable to information disclosure. The vulnerability exists as the tracking cookies per contact is systematically incremented by their auto-incremented ID, and it is possible to retrieve information about the contact through forms by progressive profiling...
Mautic Sessions could be hijacked due to tracking contacts by an auto-incremented ID
Impact An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as...
GHSA-VFXJ-QG93-7WWC Mautic Sessions could be hijacked due to tracking contacts by an auto-incremented ID
Impact An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as...
CVE-2018-10189
An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each...
CVE-2018-10189
An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each...
Design/Logic Flaw
An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each...
CVE-2018-10189
In Mautic 1.x and 2.x before 2.13.0, an attacker can systematically emulate tracking cookies per contact by manipulating the cookie value with +1, effectively allowing a third party to assume the tracked identity of other contacts and access information via forms using progressive profiling. This...
CVE-2018-10189
An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each...