47 matches found

NVD
added 2026/06/10 12:16 a.m. | 17 views

CVE-2026-41706

Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...

CVSS 6.1 | EPSS 0.00211
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:33 a.m. | 8 views

CVE-2019-16187

Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script...

CVSS 7.5 | AI score 6.8 | EPSS 0.01387
Exploits: 0 | References: 1

NVD
added 2025/12/22 10:16 p.m. | 6 views

CVE-2023-53972

WebTareas 2.4 contains a SQL injection vulnerability in the webTareasSID cookie parameter that allows unauthenticated attackers to manipulate database queries. Attackers can exploit error-based and time-based blind SQL injection techniques to extract database information and potentially access...

CVSS 9.3 | EPSS 0.0037
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2010-4534

Malware in sbrugna...

CVSS 7.5 | AI score 6.1 | EPSS 0.02531
Exploits: 0 | References: 18

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-4845

Malware in sbrugna...

CVSS 4.8 | AI score 5.2 | EPSS 0.00622
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2006-3660

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.01177
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2016-5825

Malware in sbrugna...

CVSS 6.5 | AI score 6.5 | EPSS 0.01892
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2015-5787

Malware in sbrugna...

CVSS 5 | AI score 4.9 | EPSS 0.01698
Exploits: 0 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 9 views

EUVD-2012-1850

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.02061
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-3650

Malicious code in bioql PyPI...

CVSS 8.1 | AI score 7.9 | EPSS 0.01239
Exploits: 0 | References: 10

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-5845

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 7 | EPSS 0.01689
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-7041

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 4.7 | EPSS 0.00825
Exploits: 1 | References: 9

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-2168

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.5 | EPSS 0.00986
Exploits: 0 | References: 6

CVE
added 2025/07/25 12:16 a.m. | 19 views

CVE-2025-0253

CVE-2025-0253 affects HCL IEM and is described as a cookie attribute not set vulnerability caused by inconsistent security-related configurations, leading to potential information exposure. Affected software: HCL IEM (cookie handling/configuration). Underlying issue: cookie attributes not set, en...

CVSS 2.4 | AI score 6.4 | EPSS 0.00207
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2025/07/03 5:15 p.m. | 6 views

CVE-2025-48939

tarteaucitron.js is a compliant and accessible cookie banner. Prior to version 1.22.0, a vulnerability was identified in tarteaucitron.js where document.currentScript was accessed without verifying that it referenced an actual element. If an attacker injected an HTML element, it could clobber the...

CVSS 4.2 | EPSS 0.00176
Exploits: 1 | References: 2

Patchstack
added 2025/06/19 4:31 p.m. | 7 views

WordPress Cookie-Script.com plugin <= 1.2.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin Cookie-Script.com versions <= 1.2.1...

CVSS 5.3 | AI score 6.6 | EPSS 0.00249
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2025/05/23 4:32 a.m. | 6 views

CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

CVSS 5.3 | AI score 6 | EPSS 0.00688
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 3:36 a.m. | 7 views

CVE-2023-28429

Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie ...

CVSS 6.1 | AI score 6.8 | EPSS 0.00544
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:50 p.m. | 5 views

CVE-2022-42750

CandidATS version 3.0.0 allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not correctly validate the files uploaded by the user...

CVSS 8.8 | AI score 7 | EPSS 0.00969
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 10:5 p.m. | 7 views

CVE-2022-39284

CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting $secure or $httponly value to true in Config\Cookie is not reflected in setcookie or Response::setCookie. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does...

CVSS 4.3 | AI score 6.9 | EPSS 0.00825
Exploits: 1 | References: 1