Vulnerabilities > Citadel > Webcit > High

DATE CVE VULNERABILITY TITLE RISK
2020-10-28 CVE-2020-27739 Insufficient Session Expiration vulnerability in Citadel Webcit 7.10/926
A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions.
network
low complexity
citadel CWE-613
7.5
2009-03-26 CVE-2009-0364 USE of Externally-Controlled Format String vulnerability in Citadel Webcit
Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
citadel CWE-134
7.5
2007-07-17 CVE-2007-3821 Input Validation vulnerability in Citadel Webcit 7.10
Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors.
network
low complexity
citadel
7.5