CVE-2025-13008 Session Token Disclosure in M-Files Web

An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users...

CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVE-2013-4868

Karotz API 12.07.19.00: Session Token Information Disclosure...

BMC Remedy LFI / RFI / XSS / Code Execution Vulnerabilities

BMC Remedy suffers from log hijacking, code execution, cross site scripting, local/remote file inclusion, and various other vulnerabilities. Document Title ============== Multiple vulnerabilities in BMC Remedy Reported By =========== Simon Rawet from Outpost24 Kristian Varnai from Outpost24 Vendo...

Ipswitch IMail Web Interface URI Referer Session Token Disclosure

The remote host is running IMail web interface. In this version, the session is maintained via the URL. It will be disclosed in the Referer field if you receive an email with external links e.g. images %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: http://www.nessus.org/u?fd6d15...