
CWE-565 (Reliance on Cookies without Validation and Integrity Checking) — Vulnerability Class 20

20 vulnerabilities classified as CWE-565 (Reliance on Cookies without Validation and Integrity Checking). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39963 | Serendipity: Host Header Injection enables authentication cookie scoping to an attacker-controlled domain — Serendipity | 6.9 | Medium | 2026-04-14 |
| CVE-2026-5130 | Debugger & Troubleshooter <= 1.3.2 - Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation — Debugger & Troubleshooter | 8.8 | High | 2026-03-30 |
| CVE-2014-125112 | Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution — Plack::Middleware::Session::Cookie | 9.8 (AI) | Critical (AI) | 2026-03-26 |
| CVE-2022-50926 | WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation — WAGO 750-8212 PFC200 | 9.8 | Critical | 2026-01-13 |
| CVE-2025-14440 | JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie — JAY Login & Register | 9.8 | Critical | 2025-12-13 |
| CVE-2021-47706 | COMMAX Biometric Access Control System Authentication Bypass — COMMAX Biometric Access Control System | 7.5 (AI) | High (AI) | 2025-12-09 |
| CVE-2025-64447 | Fortinet FortiWeb security vulnerability — FortiWeb | 7.1 | High | 2025-12-09 |
| CVE-2025-31120 | NamelessMC Vulnerable to Cookie-Based View Count Manipulation — Nameless | 5.3 | Medium | 2025-04-18 |
| CVE-2025-2395 | e-Excellence U-Office Force - Improper Authentication — U-Office Force | 9.8 | Critical | 2025-03-17 |
| CVE-2024-9970 | NewType FlowMaster BPM Plus - Privilege Escalation — FlowMaster BPM Plus | 8.8 | High | 2024-10-15 |
| CVE-2024-0947 | Cookies Manipulation in Talya Informatics' Elektraweb — Elektraweb | 9.8 | Critical | 2024-06-27 |
| CVE-2024-21872 | Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking — Compact DAB Transmitter | 7.5 | High | 2024-04-18 |
| CVE-2024-22186 | Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking — Compact DAB Transmitter | 8.8 | High | 2024-04-18 |
| CVE-2023-32725 | Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget. — Zabbix | 9.6 | Critical | 2023-12-18 |
| CVE-2023-41084 | Socomec MOD3GP-SY-120K Reliance on Cookies without Validation and Integrity Checking — MODULYS GP (MOD3GP-SY-120K) | 10.0 | Critical | 2023-09-18 |
| CVE-2021-3818 | Reliance on Cookies without Validation and Integrity Checking in getgrav/grav — getgrav/grav | - | - | 2021-09-27 |
| CVE-2021-33842 | Circutor SGE-PLC1000 improper authentication — SGE-PLC1000 | 8.8 | High | 2021-06-09 |
| CVE-2021-29624 | Lack of protection against cookie tossing attacks in fastify-csrf — fastify-csrf | 6.5 | Medium | 2021-05-19 |
| CVE-2020-15128 | Reliance on Cookies without validation in OctoberCMS — october | 6.1 | Medium | 2020-07-31 |
| CVE-2018-5455 | Moxa OnCell G3100-HSPA Series security vulnerability — Moxa OnCell G3100-HSPA Series | 9.8 | - | 2018-03-05 |

20 CVEs are classified as CWE-565 (Reliance on Cookies without Validation and Integrity Checking). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.