| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a certain cookie. |
| Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. |
| Joovili 3.1.4 allows remote attackers to bypass authentication and gain privileges as other users, including the administrator, by setting the (1) session_id, session_logged_in, and session_username cookies for user privileges; (2) session_admin_id, session_admin_username, and session_admin cookies for admin privileges; and (3) session_staff_id, session_staff_username, and session_staff cookies for staff users. |
| Bux.to Clone script allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1 and the usNick cookie to admin. |
| OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a modified account name in the username cookie. |
| Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. |
| Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. |
| win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1. |
| phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie. |
| Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter. |
| Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. |
