Vulnerabilities > Reliance on Cookies without Validation and Integrity Checking
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-18 | CVE-2022-30620 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cellinx NVT - IP PTZ Camera Firmware 3.2.0/3.2.1. On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". | 8.8 |
2022-06-09 | CVE-2016-15002 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Ideracorp Webyog Monyog Ultimate 6.63. A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. | 6.5 |
2022-05-25 | CVE-2022-29248 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products. Guzzle is a PHP HTTP client. | 8.1 |
2022-05-18 | CVE-2022-22785 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Zoom Meetings. The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. | 6.4 |
2022-04-15 | CVE-2022-28113 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Fantec Mwid25-Ds Firmware 2.000.030. An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie. | 9.0 |
2022-04-04 | CVE-2022-1148 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Gitlab. Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the victim's other private websites. | 6.5 |
2022-01-21 | CVE-2021-36338 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Dell products. Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. | 8.0 |
2022-01-01 | CVE-2021-41819 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products. CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. | 7.5 |
2021-09-27 | CVE-2021-3818 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Getgrav Grav. Grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking. | 5.0 |
2021-06-09 | CVE-2021-33842 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Circutor Sge-Plc1000 Firmware 0.9.2B. Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. | 8.8 |