Skip to main content

Session

3 CVEs product

Monthly

CVE-2024-2045 MEDIUM POC This Month

Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Session
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-1955 MEDIUM POC This Month

Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Session
NVD GitHub
CVSS 3.1
4.6
EPSS
0.4%
CVE-2015-8566 PHP HIGH POC PATCH This Week

The Session package 1.x before 1.3.1 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Session
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.1%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Session
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC This Month

Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Session
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

The Session package 1.x before 1.3.1 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Session
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy