Vulnerabilities > Reliance on Cookies without Validation and Integrity Checking
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-02 | CVE-2019-7266 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Nortekcontrol products. Linear eMerge 50P/5000P devices allow Authentication Bypass. | 9.8 |
2019-01-03 | CVE-2018-20512 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cdatatec Epon Cpe-Wifi Devices Firmware 2.0.4X000. EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies. | 9.8 |
2018-11-12 | CVE-2018-19224 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Laobancms 2.0. An issue was discovered in LAOBANCMS 2.0. | 7.5 |
2018-04-17 | CVE-2018-5190 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Picturespro 7.1.0. PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and pc_login_page.php. | 9.8 |
2017-07-17 | CVE-2017-8034 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cloudfoundry Capi-Release and Cf-Release. The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. | 6.6 |
2017-04-12 | CVE-2017-7279 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Unitrends Enterprise Backup 7.3.0/8.2.08. An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login. | 9.8 |
2017-03-14 | CVE-2017-6896 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Digisol Dg-Hr1400 Router Firmware 1.00.02. Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session cookie value. | 8.8 |
2008-12-31 | CVE-2008-5784 | Reliance on Cookies without Validation and Integrity Checking vulnerability in V3Chat V3 Chat Profiles Dating Script 3.0.2. V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1. | 9.8 |