Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Hermes WebUI < 0.51.368 - Profile-Scoped Authorization Bypass via Forged hermes_profile Cookie
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys when sites are running concurrent public surveys and private surveys
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
Serendipity: Host Header Injection enables authentication cookie scoping to an attacker-controlled domain
Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization
Debugger & Troubleshooter <= 1.3.2 - Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution
WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation
JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie
COMMAX Biometric Access Control System Authentication Bypass
A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8
Azure PlayFab Elevation of Privilege Vulnerability
NamelessMC Vulnerable to Cookie-Based View Count Manipulation
e-Excellence U-Office Force - Improper Authentication
NewType FlowMaster BPM Plus - Privilege Escalation
Cookies Manipulation in Talya Informatics' Elektraweb
Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking
Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking
XSS in JupyterHub via Self-XSS leveraged by Cookie Tossing
Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.
Showing 1 - 20 of 1,000+ results