Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-384

CWE-384

Session Fixation

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

383 vulnerabilities with CWE-384

CVE-2026-30224 MEDIUM

OliveTin <3000.11.1 - Auth Bypass

CVE-2026-24352 CRITICAL

PluXml CMS 5.8.21/5.9.0-rc7 - Session Fixation

CVE-2025-71057 HIGH

D-Link DSL-124 ME_1.00 - Session Hijacking

CVE-2026-24894 HIGH

FrankenPHP <1.11.2 - Info Disclosure

CVE-2026-2177 HIGH

SourceCodester Prison Management System 1.0 - Session Fixation

CVE-2026-23796 CRITICAL

Quick.Cart <6.7 - Session Hijacking

CVE-2026-23624 MEDIUM

GLPI <10.0.23-11.0.5 - Info Disclosure

CVE-2025-7014 MEDIUM

QR Menu Pro Smart Menu Systems Menu Panel <29012026 - Session Fixation

CVE-2025-7015 MEDIUM

QR Menu <s1.05.12 - Session Fixation

CVE-2025-69602 CRITICAL

AltumCode 66biolinks v62.0.0 - Session Fixation

CVE-2025-68139 MEDIUM

EVerest <2025.12.1 - Info Disclosure

CVE-2025-36115 MEDIUM

IBM Sterling Connect:Express Adapter - Privilege Escalation

Tenda Wireless Router - Auth Bypass

CVE-2020-36913 MEDIUM

All-Dynamics Software enlogic:show 2.0.2 - CSRF

CVE-2025-43516 LOW

macOS <26.2-15.7.3-14.8.3 - Info Disclosure

CVE-2023-53776 HIGH

Screen SFT DAB 1.9.3 - Auth Bypass

CVE-2023-53775 MEDIUM

Screen SFT DAB 1.9.3 - Auth Bypass

CVE-2023-53741 HIGH

Screen SFT DAB 1.9.3 - Auth Bypass

CVE-2025-63529 MEDIUM

Blood Bank Management System 1.0 - Session Fixation

CVE-2025-65681 LOW

Overhang.IO <20.0.2 - Info Disclosure

CVE-2025-56400 HIGH

Tuya Smartlife < 6.5.0 - CSRF

CVE-2025-63224 CRITICAL

Itel DAB Encoder <25aec8d - Auth Bypass

CVE-2025-63216 CRITICAL

Itel DAB Gateway - Auth Bypass

CVE-2025-37159 MEDIUM

AOS-CX OS - Privilege Escalation

CVE-2025-64100 MEDIUM

CKAN <2.10.9, <2.11.4 - Info Disclosure

Page 1 of 16 Next

Details

Vulnerabilities 383

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy