Hostel Management System change-password.php File Session Hijacking Vulnerability

Hostel Management System is a hostel management system. Hostel Management System has a session hijacking vulnerability that stems from improper handling of session data in the file /hostel/change-password.php, no details of the vulnerability are available at this time...

ChuanhuChatGPT Access Control Error Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. An access control error vulnerability exists in ChuanhuChatGPT version 20240802, which stems from improper handling of session data and lack ...

CVE-2024-8613

CVE-2024-8613 affects gaizhenbiao/chuanhuchatgpt (version 20240802). The vulnerability arises from improper handling of session data and lack of access control, enabling an attacker to view, copy, and delete other users’ chat histories. Multiple sources (NVD, Red Hat, CNVD, OSV, CVE list) corrobo...

ChuanhuChatGPT 访问控制错误漏洞

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. An access control error vulnerability exists in ChuanhuChatGPT version 20240802, which stems from improper handling of session data and lack ...

SUSE CVE-2009-4143

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to 1 interrupt corruption of the SESSION superglobal array and 2 the session.savepath directive...

Ubuntu Update for php5 vulnerabilities USN-882-1

Ubuntu Update for Linux kernel vulnerabilities USN-882-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN8821.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for php5 vulnerabilities USN-882-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2009-4143

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to 1 interrupt corruption of the SESSION superglobal array and 2 the session.savepath directive...