Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-384

CWE-384

Session Fixation

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

392 vulnerabilities with CWE-384

CVE-2024-48929 MEDIUM

Umbraco <13.5.2-10.8.7 - Info Disclosure

CVE-2024-10158 MEDIUM

PHPGurukul Boat Booking System 1.0 - Session Fixation

CVE-2024-8643 CRITICAL

Oceanic Software ValeApp <2.0.0 - Session Fixation

CVE-2024-45368 HIGH

H2-DM1E PLC - Auth Bypass

CVE-2024-42345 MEDIUM

SINEMA Remote Connect Server <V3.2 SP2 - Auth Bypass

CVE-2024-7341 HIGH

Keycloak - Session Fixation

CVE-2024-37829 HIGH

Outline <= 0.76.1 - SSRF

CVE-2024-38513 CRITICAL

Fiber <2.52.5 - Session Fixation

CVE-2024-24552 HIGH

Bludit - Auth Bypass

CVE-2024-25977 HIGH

Application - Auth Bypass

CVE-2024-23193 MEDIUM

Open-xchange OX App Suite < 8.22 - Information Disclosure

CVE-2024-2260 MEDIUM

ZenML < - Session Fixation

CVE-2024-0157 MEDIUM

Dell Storage Resource Manager <4.9.0.0 - Privilege Escalation

CVE-2024-30262 MEDIUM

Contao <4.13.40 - Info Disclosure

CVE-2024-31221 MEDIUM

Sunshine <0.23.0 - Info Disclosure

CVE-2024-2639 MEDIUM

Bdtask Wholesale Inventory Management System <20240311 - Session Fi...

CVE-2024-28197 HIGH

Zitadel < 2.44.3 - XSS

CVE-2024-22250 HIGH

VMware Enhanced Authentication Plug-in - Session Hijack

CVE-2024-22318 MEDIUM

IBM i Access Client Solutions <1.1.2-1.1.4, <1.1.4.3-1.1.9.4 - Info...

CVE-2024-24823 MEDIUM

Graylog <5.1.11-5.2.4 - Privilege Escalation

CVE-2024-23679 CRITICAL

Enonic XP <7.7.4 - Info Disclosure

CVE-2024-0351 LOW

SourceCodester Engineers Online Portal 1.0 - Info Disclosure

CVE-2023-53776 HIGH

Screen SFT DAB 1.9.3 - Auth Bypass

CVE-2023-53775 MEDIUM

Screen SFT DAB 1.9.3 - Auth Bypass

CVE-2023-53741 HIGH

Screen SFT DAB 1.9.3 - Auth Bypass

Previous Page 4 of 16 Next

Details

Vulnerabilities 392

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy