Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/04/10 5:35 p.m.3 views

CVE-2026-31940 Session Fixation in Chamilo LMS

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicchacp.php, user-controlled request parameters are directly used to set the PHP session ID before loading global bootstrap. This leads to session fixation. This vulnerability is fixed in 1.11.38 and...

7.5CVSS5.8AI score0.0024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.21 views

Dell iDRAC Improper Session ID Handling (CVE-2014-8272)

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack. This plugin only works with...

5CVSS5.8AI score0.21152EPSS
Exploits6References4
Veracode
Veracode
added 2023/08/23 12:39 p.m.17 views

Insecure Session Management

tmate-ssh-server is vulnerable to Insecure Session Management. This vulnerability exists due to a lack of proper session ID handling, which could lead to the execution of arbitrary code on the user's system...

7CVSS7.3AI score0.00254EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/11/04 5:29 a.m.13 views

Remote code execution

Gitea before 1.5.4 allows remote code execution because it does not properly validate session IDs. This is related to session ID handling in the go-macaron/session code for Macaron...

7.5CVSS9.7AI score0.03041EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/04/13 1:29 p.m.2 views

CVE-2018-6959

VMware vRealize Automation vRA prior to 7.4.0 contains a vulnerability in the handling of session IDs. Exploitation of this issue may lead to the hijacking of a valid vRA user's session...

9.8CVSS5.8AI score0.02073EPSS
Exploits0References3
Rows per page
Query Builder