Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
DAViCal Andrew’s Web Libraries 授权问题漏洞
Vulnerability Description
DAViCal Andrew’s Web Libraries(AWL)是英国Andrew McMillan软件开发者的一个AWL项目,主要为DAViCal(日历共享服务器)提供一些共享PHP库。 DAViCal AWL 0.60及之前版本中存在授权问题漏洞,该漏洞源于会话管理机制没有使用安全性较高的会话密钥。远程攻击者可利用该漏洞实施会话伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A