Application is Vulnerable to Session Fixation

Read Time:20 Second

Posted by YOGESH BHANDAGE on Mar 27

*Vulnerability Name – *Application is Vulnerable to Session Fixation

*Vulnerable URL: *www.fusionpbx.com

*Overview of the Vulnerability*
Session fixation is a security vulnerability that occurs when an attacker
sets or fixes a user’s session identifier, manipulating the authentication
process. Typically exploited in web applications, this vulnerability allows
the attacker to force a user’s session ID to a known value, granting…

A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution

A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...

December 23, 2024

CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...

December 22, 2024

USN-7179-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

December 20, 2024

USN-7173-2: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

December 20, 2024

swiftlint-0.57.1-1.fc42

FEDORA-2024-87d30b4fbf Packages in this update: swiftlint-0.57.1-1.fc42 Update description: Automatic update for swiftlint-0.57.1-1.fc42. Changelog * Fri Dec 20 2024 Davide Cavalca...

December 20, 2024

USN-7166-3: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

December 20, 2024

Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

Criminal Complaint against LockBit Ransomware Writer

Cryptomining Malware Found in Popular Open Source Packages

Interpol Identifies Over 140 Human Traffickers in New Initiative

ICO Warns of Mobile Phone Festive Privacy Snafu

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

Application is Vulnerable to Session Fixation

A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution

CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205

USN-7179-1: Linux kernel vulnerabilities

USN-7173-2: Linux kernel vulnerabilities

swiftlint-0.57.1-1.fc42

USN-7166-3: Linux kernel (HWE) vulnerabilities