CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-7390

Malware in sbrugna...

5.3CVSS5.5AI score0.00206EPSS

Exploits0References2

Vulnrichment•added 2024/07/26 2:2 a.m.•9 views

CVE-2024-4447

In the System → Maintenance tool, the Logged Users tab surfaces sessionId data for all users via the Direct Web Remoting API UserSessionAjax.getSessionList.dwr calls. While this is information that would and should be available to admins who possess "Sign In As" powers, admins who otherwise lack...

9.9CVSS5.8AI score0.00114EPSS

Exploits0References1

NVD•added 2019/08/30 9:15 a.m.•5 views

CVE-2018-15513

Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role...

5.3CVSS5AI score0.00206EPSS

Exploits0References1

Prion•added 2019/08/30 9:15 a.m.•14 views

Design/Logic Flaw

Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role...

5CVSS5AI score0.00206EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/08/29 9:21 p.m.•9 views

CVE-2018-15513

Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role...

5AI score0.00206EPSS

Exploits0References1

CVE•added 2019/08/29 9:21 p.m.•29 views

CVE-2018-15513

CVE-2018-15513 affects totemomail 6.0.0 build 570 where the log viewer API/feature enables access to session IDs of high-privilege users by abusing access granted to a read-only auditor role. The underlying cause is not detailed beyond this access path; the impact is exposure of sensitive session...

5.3CVSS5AI score0.00206EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by