Lucene search
+L

4 matches found

euvd
euvd
added 4 days ago10 views

EUVD-2026-43230

Capgo before 12.128.2 allows email address changes without requiring current password re-authentication or verification of the existing email address. An attacker with access to a valid session cookie or authenticated browser can change the account email to gain control of account recovery and...

8.4CVSS6.1AI score0.00244EPSS
Exploits0References2
veracode
veracode
added 2025/05/14 10:21 a.m.8 views

Session Fixation

Rack is vulnerable to Session Fixation. The vulnerability is due to race conditions in session handling due to concurrent requests potentially restoring a deleted session when using Rack::Session::Pool, allowing an attacker with a valid session cookie to retain access even after logout...

4.2CVSS6.5AI score0.00201EPSS
Exploits0References7Affected Software1
nessus
nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-32725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used...

9.6CVSS8.1AI score0.00849EPSS
Exploits0References2
osv
osv
added 2018/05/11 9:29 p.m.5 views

CVE-2018-6362

Easy Hosting Control Panel EHCP v0.37.12.b has XSS via the domainop action parameter, as demonstrated by reading the PHPSESSID cookie...

6.1CVSS5.8AI score0.01058EPSS
Exploits2References2
Rows per page
Query Builder