CVE-2024-8643

Same vendor

• CVE-2024-8644 — Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hij... (7.5 HIGH)
• CVE-2024-8609 — Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information (7.5 HIGH)
• CVE-2024-8608 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp all... (5.4 MEDIUM)
• CVE-2024-8607 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL... (9.8 CRITICAL)

Same CWE

• CVE-2009-10007 — Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks (9.1 CRITICAL)
• CVE-2026-41839 — A WebFlux application with a compromised subdomain (for example, compromised via cross-site scripting (XSS)) is vulnerable to an escalati... (4.2 MEDIUM)
• CVE-2026-11335 — A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500e... (6.3 MEDIUM)
• CVE-2025-67446 — Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before (9.8 CRITICAL)
• CVE-2026-33384 — QuickCMS allows a user's session identifier to be set before authentication