Lucene search
Veracode Vulnerability DatabaseVERACODE:44095HistoryNov 01, 2023 - 2:47 p.m.
Insecure Session Management
2023-11-0114:47:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
software vulnerability session
.
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
18.1%
thorsten/phpmyfaq is vulnerable to Insecure Session Management. The vulnerability exists because the sessions are not securely handled which allows an attacker to perform unauthorized actions.
Related
cve
cve
CVE-2023-5866
2023-10-31 01:15:07
cnvd
cnvd
phpMyFAQ Information Disclosure Vulnerability
2023-11-02 00:00:00
github
github
prion
prion
Session fixation
2023-10-31 01:15:00
cvelist
cvelist
huntr
huntr
Cookie without Secure flag
2023-09-08 14:10:50
vulnrichment
vulnrichment
osv
osv
CVE-2023-5866
2023-10-31 01:15:07
nvd
nvd
CVE-2023-5866
2023-10-31 01:15:07
openvas
openvas
phpMyFAQ < 3.2.1 Multiple Vulnerabilities
2023-11-02 00:00:00
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
18.1%
Related for VERACODE:44095