Vulnerabilities > Reliance on Cookies without Validation and Integrity Checking
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-32725 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Zabbix Frontend and Zabbix Server The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. | 8.8 |
| 2023-10-16 | CVE-2023-45141 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Gofiber Fiber Fiber is an express inspired web framework written in Go. | 8.8 |
| 2023-09-18 | CVE-2023-41084 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Socomec Modulys GP Firmware 01.12.10 Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device. | 9.8 |
| 2023-09-07 | CVE-2023-3747 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cloudflare Warp 6.29 Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. | 5.5 |
| 2023-06-20 | CVE-2023-35885 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Mgt-Commerce Cloudpanel CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. | 9.8 |
| 2023-06-13 | CVE-2023-3050 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Tmtmakine Lockcell Firmware Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15. | 9.8 |
| 2023-02-01 | CVE-2022-3083 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Landisgyr E850 Firmware All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. | 5.4 |
| 2022-08-12 | CVE-2022-2615 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-18 | CVE-2022-30620 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cellinx NVT - IP PTZ Camera Firmware 3.2.0/3.2.1 On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". | 8.8 |
| 2022-06-09 | CVE-2016-15002 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Ideracorp Webyog Monyog Ultimate 6.63 A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. | 6.5 |