Vulnerabilities > Reliance on Cookies without Validation and Integrity Checking
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-9820 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Dueclic WP 2FA With Telegram The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0. | 7.5 |
| 2024-07-14 | CVE-2024-39734 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2023-12-18 | CVE-2023-32725 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Zabbix Frontend and Zabbix Server The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. | 8.8 |
| 2023-09-07 | CVE-2023-3747 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cloudflare Warp 6.29 Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. | 5.5 |
| 2023-06-20 | CVE-2023-35885 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Mgt-Commerce Cloudpanel CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. | 9.8 |
| 2023-02-01 | CVE-2022-3083 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Landisgyr E850 Firmware All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. | 5.4 |
| 2022-09-12 | CVE-2022-38297 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Ucms Project Ucms 1.6 UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. | 9.8 |
| 2022-08-12 | CVE-2022-2615 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-25 | CVE-2022-35284 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Security Verify Information Queue 10.0.2 IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. | 7.5 |
| 2022-07-18 | CVE-2022-30620 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cellinx NVT - IP PTZ Camera Firmware 3.2.0/3.2.1 On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". | 8.8 |