Vulnerabilities > Reliance on Cookies without Validation and Integrity Checking

DATE CVE VULNERABILITY TITLE RISK
2022-06-09 CVE-2016-15002 Reliance on Cookies without Validation and Integrity Checking vulnerability in Ideracorp Webyog Monyog Ultimate 6.63
A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63.
network
low complexity
ideracorp CWE-565
8.8
2022-05-25 CVE-2022-29248 Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products
Guzzle is a PHP HTTP client.
network
low complexity
guzzlephp drupal debian CWE-565
8.1
2022-05-18 CVE-2022-22785 Reliance on Cookies without Validation and Integrity Checking vulnerability in Zoom Meetings
The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains.
network
low complexity
zoom CWE-565
critical
9.1
2022-04-15 CVE-2022-28113 Reliance on Cookies without Validation and Integrity Checking vulnerability in Fantec Mwid25-Ds Firmware 2.000.030
An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie.
network
low complexity
fantec CWE-565
7.2
2022-04-04 CVE-2022-1148 Reliance on Cookies without Validation and Integrity Checking vulnerability in Gitlab
Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the victim's other private websites
network
low complexity
gitlab CWE-565
6.5
2022-01-21 CVE-2021-36338 Reliance on Cookies without Validation and Integrity Checking vulnerability in Dell products
Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability.
low complexity
dell CWE-565
8.0
2022-01-01 CVE-2021-41819 Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names.
7.5
2021-09-27 CVE-2021-3818 Reliance on Cookies without Validation and Integrity Checking vulnerability in Getgrav Grav
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
network
low complexity
getgrav CWE-565
5.3
2021-06-09 CVE-2021-33842 Reliance on Cookies without Validation and Integrity Checking vulnerability in Circutor Sge-Plc1000 Firmware 0.9.2B
Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user.
low complexity
circutor CWE-565
8.8
2021-04-06 CVE-2021-28171 Reliance on Cookies without Validation and Integrity Checking vulnerability in Deltaflow Project Deltaflow
The Vangene deltaFlow E-platform does not take properly protective measures.
network
low complexity
deltaflow-project CWE-565
critical
9.8