5 matches found
CVE-2025-56746
Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks where attackers can hijack user sessions by predetermining session identifiers...
PT-2023-7208 · Symfony · Symfony
Name of the Vulnerable Software and Affected Versions: Symfony versions 5.4.21 through 5.4.30 Symfony versions 6.2.7 through 6.3.7 Description: The issue is related to the incorrect management of sessions by the SessionStrategyListener function in the Symfony platform. This can allow a remote...
PT-2023-23520 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor/froxlor versions prior to 2.1.0 Description: The issue is related to session fixation, where session ids are not regenerated appropriately. This may result in session fixation. Recommendations: For versions prior to 2.1.0, update to...
Gibbon 授权问题漏洞
Gibbon is a school platform that solves real-world problems that educators encounter every day. A security vulnerability exists in Gibbon version v23 that stems from the application not generating a new session ID cookie after a user is authenticated.The application is vulnerable to session...
Moodle Session Fixation Vulnerability
This host is running Moodle and is prone to session fixation vulnerability OpenVAS Vulnerability Test $Id: gbmoodlesessionfixationvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Moodle Session Fixation Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks GmbH,...