An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device.
Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie.
Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability
A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user ...
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to con...