Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-613

CWE-613

Insufficient Session Expiration

Parent: CWE-672 - Operation on a Resource after Expiration or Release

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

531 vulnerabilities with CWE-613

CVE-2025-55162 MEDIUM

Envoy <1.32.10, 1.33.0-1.33.6, 1.34.0-1.34.4, 1.35.0 - Info Disclosure

CVE-2025-4643 MEDIUM

Payload CMS < 3.44.0 - Insufficient Session Expiration via JWT Reuse

CVE-2025-36040 MEDIUM

IBM Aspera Faspex 5.0.0-5.0.12.1 - Authenticated Insufficient Session Expiration

CVE-2025-50486 HIGH

PHPGurukul Car Rental Project <3.0 - Privilege Escalation

CVE-2025-50485 HIGH

PHPGurukul Online Course Registration <3.1 - Session Hijacking

CVE-2025-50487 HIGH

PHPGurukul Blood Bank & Donor Mgmt Sys <2.4 - Session Hijacking

CVE-2025-50484 HIGH

PHPGurukul Small CRM v3.0 - Info Disclosure

CVE-2025-50491 HIGH

PHPGurukul Bank Locker Management System <v1 - Session Hijacking

CVE-2025-50488 HIGH

PHPGurukul Online Library Management System <3.0 - Session Hijacking

CVE-2025-31952 HIGH

HCL iAutomate - Insufficient Session Expiration

CVE-2025-53826 CRITICAL

File Browser <2.39.0 - Info Disclosure

CVE-2025-53642 MEDIUM

haxcms-nodejs and haxcms-php < 11.0.6 - Insufficient Session Expiration

CVE-2025-4407 MEDIUM

ABB Lite Panel Pro <1.0.1 - Info Disclosure

CVE-2025-49152 HIGH

Microsens NMP Web+ < Version 3.2.5 - Insufficient Session Expiration via Non-Expiring JWT

CVE-2025-4754 LOW

ash_authentication_phoenix < 2.10.0 - Insufficient Session Expiration in Controller

CVE-2025-25019 MEDIUM

IBM QRadar Suite Software <1.11.2.0 - Info Disclosure

CVE-2025-33005 MEDIUM

IBM Planning Analytics Local <2.1 - Privilege Escalation

CVE-2025-48929 MEDIUM

TeleMessage < 2025-05-05 - Insufficient Session Expiration

CVE-2025-48061 MEDIUM

wire-webapp < 2025-05-20-production.0 - Insufficient Session Expiration

CVE-2025-0138 LOW

Palo Alto Networks Prisma Cloud Compute - Info Disclosure

CVE-2025-40566 HIGH

SIMATIC PCS neo < V4.1 Update 3 and < V5.0 Update 1 - Insufficient Session Expiration

CVE-2025-46741 MEDIUM

SEL Blueframe OS < 1.12.0 - Insufficient Session Expiration

CVE-2025-4528 MEDIUM

Dgitro NGC Explorer < 3.44.15 - Insufficient Session Expiration

CVE-2025-46336 MEDIUM

Rack::Session <2.1.1 - Privilege Escalation

CVE-2025-32441 MEDIUM

Rack < 2.2.14 - Unauthenticated Session Restoration via Race Condition in Rack::Session::Pool

Previous Page 6 of 22 Next

Details

Vulnerabilities 531

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy