CVE-2024-0349
LOWDescription
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to sensitive cookie without secure attribute. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-250117 was assigned to this vulnerability.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| engineers_online_portal_project | engineers_online_portal |
References
Frequently Asked Questions
What is CVE-2024-0349? +
How severe is CVE-2024-0349? +
What products are affected by CVE-2024-0349? +
How do I check if I'm vulnerable to CVE-2024-0349? +
Related Vulnerabilities
This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated …
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, …
This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. …
Boruta is a standalone authorization server that aims to implement OAuth 2.0 and Openid Connect up to decentralized identity specifications. …
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was …
Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to …