Lucene search
K

113 matches found

CVE
CVE
added 2018/04/16 1:0 p.m.57 views

CVE-2018-0533

Cybozu Garoon contains an authentication bypass flaw CVE-2018-0533 that allows remote authenticated users to bypass access restrictions and alter data in session authentication settings. Affected products/versions include Cybozu Garoon 3.0.0 to 4.2.6 (and related entries covering 3.0.0–4.2.6 acro...

4.9CVSS5.6AI score0.01353EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/04/10 12:0 a.m.4 views

Cybozu Garoon Operational Limit Bypass Vulnerability (CNVD-2018-08811)

Cybozu Garoon is an office software with Chinese, Japanese, and English languages. An operation restriction bypass vulnerability exists in the session authentication settings in Cybozu Garoon 3.0.0 through 4.2.6. The vulnerability can be exploited by users logging in to the product with...

4.9CVSS7.1AI score0.01353EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/04/13 7:0 p.m.22 views

CVE-2016-8712

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds...

5.9CVSS8.3AI score0.01353EPSS
Exploits2References1
NVD
NVD
added 2016/09/18 2:59 a.m.20 views

CVE-2016-0883

Pivotal Cloud Foundry PCF Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation...

9.8CVSS9.7AI score0.00883EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/09/18 1:0 a.m.21 views

CVE-2016-0883

Pivotal Cloud Foundry PCF Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation...

9.7AI score0.00883EPSS
Exploits0References1
CVE
CVE
added 2016/09/18 1:0 a.m.40 views

CVE-2016-0883

CVE-2016-0883 affects Pivotal Cloud Foundry Ops Manager prior to 1.5.14 and 1.6.x prior to 1.6.9. The issue is that the same cookie-encryption key was used across different customers’ installations, enabling remote attackers to bypass session authentication by leveraging knowledge of the key from...

9.8CVSS9.5AI score0.00883EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2014/07/18 12:0 a.m.34 views

Advantech WebAccess Remote Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication requirements on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ChkCookieNoRedir function. By providing arbitrary values to certai...

7.5CVSS6.6AI score0.01549EPSS
Exploits0References1
NVD
NVD
added 2014/01/26 1:55 a.m.12 views

CVE-2014-1673

Check Point Session Authentication Agent allows remote attackers to obtain sensitive information user credentials via unspecified vectors...

5CVSS6.3AI score0.01643EPSS
Exploits0References5
Cvelist
Cvelist
added 2014/01/26 1:0 a.m.18 views

CVE-2014-1673

Check Point Session Authentication Agent allows remote attackers to obtain sensitive information user credentials via unspecified vectors...

6.3AI score0.01643EPSS
Exploits0References5
CVE
CVE
added 2014/01/26 1:0 a.m.40 views

CVE-2014-1673

Technical details (affected product/version, exploit vectors, root cause) are not provided in the connected documents. No public specifics available; monitor for updates.

5CVSS6.4AI score0.01643EPSS
Exploits0References5Affected Software1
CheckPoint Security
CheckPoint Security
added 2014/01/21 10:0 p.m.12 views

Check Point response to Session Authentication Agent vulnerability

...

2.5AI score
Exploits0Affected Software1
0day.today
0day.today
added 2013/11/01 12:0 a.m.23 views

Quick Paypal Payments 3.0 - Presistant XSS (0day)

Exploit for php platform in category web applications TITLE ===== Quick Paypal Payments - Persistent Cross Site Scripting Vulnerability AUTHOR ====== Zy0d0x BLOG ==== https://zy0d0x.com DATE ==== 10/08/2013 VENDOR ====== Quick Plugins - http://quick-plugins.com/ AFFECTED PRODUCT ================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/10/16 12:0 a.m.21 views

WordPress Dexs PM System Cross Site Scripting

=============================================================================== | | / / / / / / // / / -alert'xss'; --- SNIP --- If the message has been sent successfully a alert diolog will apear containing xss when an user checks there...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2012/11/17 12:0 a.m.30 views

CVE-2012-5886

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to...

5CVSS7.2AI score0.08768EPSS
Exploits0References5
Fortinet
Fortinet
added 2012/08/20 12:0 a.m.14 views

Potential Buffer Overflow During HTTP Session Authentication

...

2.5AI score
Exploits0
OpenVAS
OpenVAS
added 2011/10/14 12:0 a.m.1699 views

Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability

The host is running SMB/NETBIOS and prone to authentication bypass Vulnerability OpenVAS Vulnerability Test $Id: gbmswindowssmbsharepasswdnullsecbypassvuln.nasl 7550 2017-10-24 12:17:52Z cfischer $ Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability Authors: Antu Sanadi...

7.5CVSS0.3AI score0.05673EPSS
Exploits0References2
myhack58
myhack58
added 2011/01/12 12:0 a.m.20 views

luocms 2.0 add administrator vulnerability...attached to the POST EXP-vulnerability warning-the black bar safety net

LUOCMS is a paragraph based on PHP+MYSQL article management system, easy-to-use, full DIV+CSS architecture, the whole Station HTML, good internal structure, more suitable for website optimization promotion. This author's idea is that the user can directly see the files on the session authenticati...

7.6AI score
Exploits0
myhack58
myhack58
added 2011/01/01 12:0 a.m.23 views

High Bay articles system is the latest version 0Day analysis-vulnerability warning-the black bar safety net

Bored online in scurry, who is actually known found a website is to hang a horse. A closer look at the site, it scared me a big jump, is hanging horse website turned out to be the High-Bay articles system web site. www.gaobei.com. Even the official are hanging out with horses, don't have the...

7.5AI score
Exploits0
myhack58
myhack58
added 2010/10/27 12:0 a.m.22 views

phpaa cms 0day and fix-vulnerability warning-the black bar safety net

Author:BlAck. Eagle cookie spoofing Vulnerabilityfile:/admin/global.php 1. ? php 2. / 3. Background public profile 4. 5. For the background application is initialized, a background verify permissions, etc. 6. / 7. requireonce '../data/config.inc.php'; //system initialization file 8. requireonce...

1.2AI score
Exploits0
myhack58
myhack58
added 2010/03/03 12:0 a.m.22 views

lply(v2. 0)vulnerability analysis-vulnerability warning-the black bar safety net

Article author:wwqwwq After you download the code, and looked, and there set the code style is very rigorous, somewhat object-oriented flavor. First look at the database directory, open the databases Directory, database format for the asa,this is the back to insert the phrase Trojan horse is buri...

7.2AI score
Exploits0
Rows per page
Query Builder