Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-565

CWE-565

Reliance on Cookies without Validation and Integrity Checking

Parent: CWE-642 - External Control of Critical State Data

The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

74 vulnerabilities with CWE-565

CVE-2021-28171 CRITICAL

Vangene deltaFlow E-platform - Privilege Escalation

CVE-2020-29668 LOW

Sympa < 6.2.59b.2 - Unauthenticated Improper Authentication via SOAP API Cookie Handling

CVE-2020-26955 MEDIUM

Firefox for Android < 83.0 - Cookie Reuse Across Private and Non-Private Browsing Modes

CVE-2020-4749 MEDIUM

IBM Spectrum Scale <5.0.5.2 - Open Redirect

CVE-2020-7070 MEDIUM

PHP 7.2.0-7.2.33, 7.3.0-7.3.22, 7.4.0-7.4.10 - Cookie Prefix Confusion via URL Decoding

CVE-2020-15128 MEDIUM

OctoberCMS <1.0.468 - Info Disclosure

CVE-2019-4688 MEDIUM

IBM Security Guardium Data Encryption (GDE) 3.0.0.2 - Open Redirect

CVE-2019-4638 LOW

IBM Security Secret Server 10.7 - Info Disclosure

CVE-2019-4330 MEDIUM

IBM Security Guardium Big Data Intelligence - Info Disclosure

CVE-2019-17104 HIGH

Centreon VM <19.04.3 - Info Disclosure

CVE-2019-4305 MEDIUM

IBM WebSphere Application Server Liberty - Info Disclosure

CVE-2019-7266 CRITICAL

Linear eMerge 50P/5000P - Auth Bypass

CVE-2018-20512 CRITICAL

EPON CPE-WiFi <2.0.4-X000 - Privilege Escalation

CVE-2018-19224 HIGH

LAOBANCMS 2.0 - Unauthenticated Cookie Spoofing

CVE-2018-5190 CRITICAL

PicturesPro Photo Cart <7 - Info Disclosure

CVE-2018-5455 CRITICAL

Moxa OnCell G3100-HSPA <1.4 - Auth Bypass

CVE-2017-8034 MEDIUM

Cloud Foundry <1.32.0-0.159.0-267 - Privilege Escalation

CVE-2017-7279 CRITICAL

Unitrends Enterprise Backup <9.0.0 - Privilege Escalation

CVE-2017-6896 HIGH

DIGISOL DG-HR1400 1.00.02 - Privilege Escalation

CVE-2016-15002 HIGH

MONyog Ultimate 6.63 - Privilege Escalation

CVE-2014-125112 CRITICAL

Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution

CVE-2012-5631 HIGH

FreeIPA 3.0 - Credential Exposure via Unvalidated Cookie Transmission

Google Chrome < 15.0.874.102 - Unauthenticated Cookie Access via JavaScript URL Handling

CVE-2008-5784 CRITICAL

V3 Chat - Profiles/Dating Script 3.0.2 - Auth Bypass

Previous Page 3 of 3

Details

Vulnerabilities 74

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy