Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-384

CWE-384

Session Fixation

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

404 vulnerabilities with CWE-384

CVE-2020-5550 HIGH

EasyBlocks IPv6 <2.0.1 & Enterprise <2.0.1 - Privilege Escalation

CVE-2020-5290 MEDIUM

Ctfd Rctf < 2.3 - XSS

CVE-2020-5543 CRITICAL

Mitsubishi Electric MELQIC IU1 <1.0.7 - DoS

CVE-2020-9370 CRITICAL

HUMAX HGA12R-02 BRGCAA 1.1.53 - SSRF

CVE-2020-8990 CRITICAL

Western Digital My Cloud Home <3.6.0 - SSRF

CVE-2020-5205 MEDIUM

Pow < 1.0.16 - Session Fixation via Persistent Session Store

CVE-2019-18946 MEDIUM

Micro Focus Solutions Business Manager Application Repository <11.7...

CVE-2019-4563 MEDIUM

IBM Security Directory Server 6.4.0 - Open Redirect

CVE-2019-4591 HIGH

IBM Maximo Asset Mgmt <7.6.1 - Privilege Escalation

CVE-2019-19610 MEDIUM

Halvotec RaQuest <10.23.10801.0 - Session Fixation

CVE-2019-4617 MEDIUM

IBM Cloud Automation Manager <3.2.1.0 - Info Disclosure

CVE-2019-15612 MEDIUM

Nextcloud Server <15.0.2 - Info Disclosure

CVE-2019-10158 CRITICAL

Infinispan <9.4.14.Final - Info Disclosure

CVE-2019-17563 HIGH

Apache Tomcat <9.0.29, 8.5.49, 7.0.98 - Session Fixation

CVE-2019-18573 HIGH

RSA Identity Governance <7.1.1 P03 - Session Fixation

CVE-2019-8116 HIGH

Magento <2.2.10-2.3.3/2.3.2-p1 - Auth Bypass

CVE-2019-10084 HIGH

Apache Impala 2.7.0-3.2.0 - Auth Bypass

CVE-2019-17062 HIGH

OXID eShop <6.0.6/<6.1.5 - Privilege Escalation

CVE-2019-18418 CRITICAL

ClonOS WEB control panel 19.09 - RCE

CVE-2019-15849 HIGH

eQ-3 HomeMatic CCU3 firmware 3.41.11 - Session Fixation

CVE-2019-0062 HIGH

Junos OS <12.3R12-S15 - Session Fixation

CVE-2019-4227 HIGH

IBM MQ 8.0.0.4-8.0.0.12, 9.0.0.0-9.0.0.6, 9.1.0.0-9.1.0.2, 9.1.0-9.1.2 - Session Fixation via AMQP Listener

CVE-2019-4304 MEDIUM

IBM WebSphere Application Server - Liberty - Auth Bypass

CVE-2019-6161 HIGH

ThinkAgile CP-SB <1908.M - Info Disclosure

CVE-2019-12203 MEDIUM

SilverStripe <4.3.3 - Info Disclosure

Previous Page 11 of 17 Next

Details

Vulnerabilities 404

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy