9 matches found
EUVD-2004-2101
Malware in sbrugna...
EUVD-2002-0255
Malware in sbrugna...
CVE-2021-42948
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's...
Fortinet FortiClientEms code issue vulnerability
Fortinet FortiClientEms is a centralized central management system from Fortinet, Inc. A code issue vulnerability exists in Fortinet FortiClientEms, which can be exploited by attackers to gain administrator privileges by reusing an unexpired administrator user session ID...
CVE-2004-2109
Multiple cross-site scripting XSS vulnerabilities in 1 imagezoom.asp or 2 recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL...
CVE-2004-2109
Multiple cross-site scripting XSS vulnerabilities in 1 imagezoom.asp or 2 recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL...
CVE-2002-0258
Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs...
CVE-2002-0258
Merak Mail IceWarp Web Mail uses a static user session ID that does not change across sessions. This could allow remote attackers who obtain the session ID to elevate privileges as the targeted user (e.g., via IDs exposed in answers or forward URLs). Affected product: Merak Mail IceWarp Web Mail....
CVE-2001-1286
Ipswitch IMail 7.04 and earlier stores a user’s session ID in a URL, enabling session hijacking if an attacker can obtain the URL (e.g., via an HTML email that causes the Referrer to reveal the URL under the attacker’s control). Affected product: Ipswitch IMail Web Interface. Root cause: session ...