Lucene search
K

470 matches found

Vulnrichment
Vulnrichment
added 2026/03/20 10:46 p.m.2 views

CVE-2026-27649 CTEK Chargeportal Insufficient Session Expiration

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

7.3CVSS5.8AI score0.00328EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/20 8:49 p.m.2 views

Session Fixation

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Session Fixation via the sessionstart function when processing the PHPSESSID GET parameter. An attacker can gain unauthorized access to a victim's authenticated...

8.5CVSS5.8AI score0.00296EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/20 8:49 p.m.7 views

AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

Summary AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when the request originates from the same domain. Combined with the explicitly...

7.3CVSS6AI score0.00296EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/20 5:52 a.m.4 views

CVE-2026-33043 AVideo affected by Session Hijacking via Unauthenticated Session ID Disclosure with Permissive CORS

WWBN AVideo is an open source video platform. In versions 25.0 and below, /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials...

8.1CVSS5.8AI score0.00345EPSS
Exploits1References2
CVE
CVE
added 2026/03/20 5:52 a.m.17 views

CVE-2026-33043

WWBN AVideo has a cross-origin session disclosure vulnerability in versions 25.0 and below: /objects/phpsessionid.json.php exposes the current PHP session ID to unauthenticated requests, and allowOrigin() returns the Origin header with Access-Control-Allow-Credentials: true, enabling credentialed...

8.1CVSS5.8AI score0.00345EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/19 5:47 p.m.4 views

GHSA-Q669-4GMV-G8MF Ella Core panics on invalid PDU Session IDs in NGAP messages

Summary Ella Core panics when processing NGAP messages with invalid PDU Session IDs outside of 1-15. Impact An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fix Added PDU...

6.5CVSS5.8AI score0.00393EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 12:0 a.m.8 views

CVE-2025-70973

CVE-2025-70973 affects ScadaBR 1.12.4. The issue is a Session Fixation vulnerability where the application assigns a JSESSIONID to unauthenticated users and does not regenerate the session identifier after successful authentication, allowing a pre-login session to become authenticated after login...

4.8CVSS5.8AI score0.002EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/03/08 5:16 p.m.6 views

CVE-2026-3753

A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

8.8CVSS5.7AI score0.00301EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.5 views

CVE-2026-28482

OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can exploit path traversal sequences like ../../etc/passwd in sessionId or sessionFile parameters to...

8.4CVSS5.9AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2026/03/05 8:53 p.m.5 views

GHSA-GQ2M-77HF-VWGH OliveTin Session Fixation: Logout Fails to Invalidate Server-Side Session

Summary OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry default ≈ 1 year. An attacker with a previously stolen or captured session cookie can continue authenticating...

5.4CVSS6AI score0.00302EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.7 views

PT-2026-23614

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.11.1 Description OliveTin does not properly invalidate server-side sessions upon user logout. Although the browser cookie is cleared during logout, the corresponding session remains valid in server storage until...

9.9CVSS5.8AI score0.22162EPSS
Exploits70References138
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.5 views

PT-2026-22573

The vulnerability enables an attacker to fully bypass authentication in CGM CLININET and gain access to any active user account by supplying only the username, without requiring a password or any other credentials. Obtaining a session ID is sufficient for session takeover and grants access to the...

9CVSS6AI score0.00207EPSS
Exploits0References3
NVD
NVD
added 2026/02/27 8:21 p.m.8 views

CVE-2026-3255

HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epo...

6.5CVSS0.00418EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/27 6:9 p.m.20 views

CVE-2026-27755 SODOLA SL902-SWTGW124AS <= 200.1.20 Predictable Session ID

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifie...

9.8CVSS0.00402EPSS
Exploits0References2
CVE
CVE
added 2026/02/27 6:9 p.m.12 views

CVE-2026-27755

The CVE describes a vulnerability in SODOLA SL902-SWTGW124AS firmware up to version 200.1.20 where the session ID is generated using predictable MD5-based cookies. An attacker who knows or guesses valid credentials could compute the session identifier offline, bypass the login flow, and gain unau...

9.8CVSS5.9AI score0.00402EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.7 views

HTTP::Session2 安全漏洞

HTTP::Session2 is a Perl package developed by Tokuhiro Matsuno. Versions of HTTP::Session2 prior to 1.09 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification of the session ID format provided by users, which could lead to code injection or other issues...

6.5CVSS5.9AI score0.00404EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/23 11:45 p.m.23 views

CVE-2025-69250 free5GC has Improper Error Handling in UDM, Leading to Information Exposure

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the service reliably leaks detailed internal error messages e.g., strconv.ParseInt parsing errors to remote clients when processi...

8.7CVSS0.00398EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/20 12:0 a.m.25 views

CVE-2026-26721

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter...

0.00262EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 12:0 a.m.5 views

CVE-2026-26721

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter...

5.5AI score0.00262EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/02/18 12:57 a.m.22 views

OpenClaw's unsanitized session ID enables path traversal in transcript file operations

Description OpenClaw versions = 2026.2.12 Fix Fixed by validating session IDs rejecting path separators / traversal sequences and enforcing sessions-directory containment for session transcript file operations. Fix Commits - 4199f9889f0c307b77096a229b9e085b8d856c26 Additional Hardening -...

8.4CVSS5.5AI score0.00136EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder