Lucene search
K

2159 matches found

Github Security Blog
Github Security Blog
added 2026/05/29 10:7 p.m.22 views

Admidio writes session IDs and auto-login cookie values to application logs

Summary When debug logging is enabled, Session::setCookie logs full cookie values and Session::start logs the current session ID. In a real Admidio deployment this includes both the active session cookie and the persistent auto-login cookie. Anyone with access to the log sink can recover live...

5.8AI score0.00015EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/05/25 11:19 p.m.5 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview org.apache.shiro:shiro-core is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute in the for...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/25 11:19 p.m.8 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview org.apache.shiro:shiro-web is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute in the form...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/25 8:19 p.m.28 views

CVE-2026-43828 Apache Shiro: Shiro's native session and rememberMe cookies do not have secure flag set by default

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

5.9CVSS0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.17 views

PT-2026-43119

Name of the Vulnerable Software and Affected Versions Apache Shiro versions 1.0 through 2.1.0 Apache Shiro version 3.0.0-alpha-1 Description Default configurations cause the Shiro-native session manager and the Remember-Me manager to send JSESSIONID and rememberMe cookies without the 'Secure'...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Flask

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client’s session...

7.5CVSS7.1AI score0.01261EPSS
Exploits1References2
CVE
CVE
added 2026/05/19 12:0 a.m.13 views

CVE-2026-36829

CVE-2026-36829 affects Panabit PAP-XM320 (up to v7.7). The embedded HTTP server authenticates via a cookie-based value checked against the filesystem, using a user-controlled cookie without proper sanitization. This leads to a directory traversal scenario and authentication bypass, enabling bypas...

9.8CVSS5.8AI score0.01268EPSS
Exploits0References2
OSV
OSV
added 2026/05/15 6:17 p.m.11 views

GHSA-QXVM-R42F-5P8J AVideo's Meet plugin: `uploadRecordedVideo.json.php` derives `users_id` from the uploaded filename and calls passwordless `User->login()`, allowing any caller with the Meet shared secret to obtain a session as arbitrary users including admin

Summary Type: Authorization-bypass via user-controlled identifier. The Meet plugin's recorded-video upload endpoint plugin/Meet/uploadRecordedVideo.json.php authenticates the caller using a single shared Authorization: Bearer against $objM-secret. Once that check passes, the endpoint reads the...

8.1CVSS5.9AI score0.00295EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 5:16 p.m.43 views

CVE-2026-44511

Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the...

7.4CVSS0.00197EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/05/14 12:13 p.m.41 views

curl: cookie: case-insensitive path comparison in replace_existing() allows cookie eviction across distinct paths

Hi all, replaceexisting in lib/cookie.c compares cookie paths case-insensitively at two sites. On case-sensitive servers, /Admin and /admin are distinct resources and are supposed to produce distinct jar entries. Because libcurl conflates them, a Set-Cookie at one path silently evicts the cookie ...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

STEL Order 跨站脚本漏洞

STEL Order is an ERP, CRM, and online billing management platform developed by the Spanish company STEL for small and medium-sized enterprises. Versions of STEL Order prior to 3.25.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient cleaning of the...

5.1CVSS5.7AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 7:54 p.m.33 views

CVE-2026-45228 Quark Drive (quark-auto-save) < 0.8.5 Stored XSS via System Configuration

Quark Drive before 0.8.5 contains a stored cross-site scripting vulnerability in the System Configuration page where the template renders pushconfig key names using Vue.js's v-html directive without escaping. Authenticated attackers can inject HTML or JavaScript payloads as key names through the...

5.4CVSS0.00183EPSS
Exploits0References3
CVE
CVE
added 2026/05/13 7:54 p.m.14 views

CVE-2026-45228

Quark Drive

5.4CVSS5.8AI score0.00183EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.11 views

CVE-2026-42190

RedwoodSDK is a server-first React framework. From version 1.0.0-beta.50 to before version 1.2.3, server actions in rwsdk apply HTTP method enforcement but no origin validation. A request originating from a different origin that the browser treats as same-site can invoke a server action with the...

5.3CVSS5.7AI score0.00111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40544

Name of the Vulnerable Software and Affected Versions SillyTavern versions prior to 1.18.0 Description SillyTavern uses cookie-session for authentication, where session data such as user handles and permissions are stored in a signed cookie. The endpoints "POST /api/users/change-password" and "PO...

7.5CVSS5.7AI score0.00394EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/05/11 8:25 p.m.7 views

CVE-2021-47923

OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers can set malicious OCSESSID cookie values that the server accepts and maintains, enabling session takeover and unauthorized...

9.8CVSS5.9AI score0.00423EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39654

Name of the Vulnerable Software and Affected Versions HireFlow version 1.2 Description The software fails to implement Cross-Site Request Forgery CSRF token validation on state-changing POST endpoints. This allows an attacker to trick an authenticated user into visiting a malicious page to perfor...

8.1CVSS5.9AI score0.00168EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.39 views

CVE-2026-38566

HireFlow v1.2 does not implement CSRF token validation on any state-changing POST endpoint. All forms password change at /profile, candidate deletion at /candidates/delete/, feedback submission at /feedback/add/, interview scheduling at /interviews/add are vulnerable to CSRF. An attacker who can...

0.00168EPSS
Exploits1References3
CVE
CVE
added 2026/05/11 12:0 a.m.14 views

CVE-2026-38566

CVE-2026-38566 affects HireFlow v1.2. The issue is CSRF on all state-changing POST endpoints (e.g., /profile password change, /candidates/delete/, /feedback/add/, /interviews/add) due to missing CSRF token validation and no SESSION_COOKIE_SAMESITE configuration. Root cause: CSRF token validation ...

8.1CVSS6AI score0.00168EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/10 2:20 p.m.20 views

User Impersonation

Overview opencart/opencart is a shopping cart system Affected versions of this package are vulnerable to User Impersonation via the OCSESSID cookie. An attacker can gain unauthorized access to user accounts by injecting arbitrary values into the session cookie, allowing session takeover...

9.8CVSS5.9AI score0.00423EPSS
Exploits0References2
Rows per page
Query Builder