Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sid vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-15600
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.
Gnu Libextractor 1.4
NA
CVE-2008-0960
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x prior to 5.2.4.1, 5.3.x prior to 5.3.2.1, and 5.4.x prior to 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 up to and including 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3R...
Juniper Session And Resource Control 1.0
Juniper Session And Resource Control 2.0
Juniper Src Pe 1.0
Juniper Src Pe 2.0
1 EDB exploit
5.5
CVSSv3
CVE-2017-15922
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.
Gnu Libextractor 1.4
9.8
CVSSv3
CVE-2024-25314
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2.
Hotel Management System Project Hotel Management System 1.0
9.8
CVSSv3
CVE-2020-29659
A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous malicious user to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.
Flexense Dupscout 10.0.18
NA
CVE-2000-1200
Windows NT allows remote malicious users to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.
Microsoft Windows Nt 4.0
NA
CVE-2005-4731
The Next action in PEAR HTML_QuickForm_Controller 1.0.4 includes the SID in the URL even when session.use_only_cookies is configured, which allows remote malicious users to obtain the SID via an HTTP Referer field and possibly other vectors.
The Php Group Pear Html Quickform Controller 1.0.4
NA
CVE-2005-2380
Multiple cross-site scripting vulnerabilities in PHP Surveyor 0.98 allow remote malicious users to inject arbitrary web script or HTML via the (1) sid, (2) start, and (3) id parameters to browse.php, or the sid parameter to (4) dataentry.php or (5) export.php.
Php Surveyor Php Surveyor 0.98
7.6
CVSSv3
CVE-2021-27771
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sendi...
Hcltech Sametime 11.6
NA
CVE-2005-2031
Multiple SQL injection vulnerabilities in socialMPN allow remote malicious users to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) sec...
Socialmpn Socialmpn
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »