Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0772
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a view task.
Joomla Com Doc
Mambo Com Doc
1 EDB exploit
6.1
CVSSv3
CVE-2020-13228
An issue exists in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter.
Sysax Multi Server 6.90
1 Github repository
NA
CVE-2009-4317
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Cart allows remote malicious users to inject arbitrary web script or HTML via the sid parameter in a showcat action.
Scriptsez Ez Cart
NA
CVE-2002-2178
Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote malicious users to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag.
Phpwebsite Phpwebsite 0.8.3
2 EDB exploits
NA
CVE-2024-29640
An issue in aliyundrive-webdav v.2.3.3 and before allows a remote malicious user to execute arbitrary code via a crafted payload to the sid parameter in the action_query_qrcode component.
8.8
CVSSv3
CVE-2020-13229
An issue exists in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
Sysax Multi Server 6.90
1 Github repository
NA
CVE-2005-3811
Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and previous versions allows remote malicious users to overwrite arbitrary files with session information via the sid parameter.
Amax Information Technologies Magic Winmail Server
1 EDB exploit
9.8
CVSSv3
CVE-2023-48929
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an malicious user to escalate privileges and obtain sensitive information.
Franklin-electric System Sentinel Anyware 1.6.24.492
NA
CVE-2006-5416
Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the sid parameter.
F5 Firepass 1000 5.5
NA
CVE-1999-0995
Windows NT Local Security Authority (LSA) allows remote malicious users to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
Microsoft Windows Nt 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »