web.go suffers from an insecure cookie vulnerability. Their cookie is modeled after Tornado which had the same issue reported on in 2010.

PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation.

AV Arcade Pro version 5.4.3 suffers from an insecure cookie vulnerability that allows for access bypass.

Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling.

NICE Recording eXpress versions 6.0.x, 6.1.x, 6.2.x, 6.3.x, and 6.5.x suffer from cross site scripting, root backdoor, unauthenticated access, fail authorization, insecure cookie handling, and remote SQL injection vulnerabilities.

ResourceSpace suffers from cross site scripting, html injection, insecure cookie handling, and remote SQL injection vulnerabilities. Versions 6.4.5976 and below are affected.

Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password.

Symantec Endpoint Protection versions 14.2.5323.2000, 14.2.5569.2100, and 14.2.5587.2100 suffer from a race condition vulnerability.

This Metasploit module exploits a stack buffer overflow in ASX to MP3 converter 3.1.3.7. By constructing a specially crafted ASX file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. Tested on: Microsoft Windows 7 Enterprise, 6.1.7601 Service Pack 1 Build 7601, x64-based PC Microsoft Windows 10 Pro, 10.0.18362 N/A Build 18362, x64-based PC.

9 bytes small Microsoft Windows 7 screen locking shellcode.

Prestashop versions 1.7.6.4 and below suffer from code execution, cross site request forgery, and cross site scripting vulnerabilities.

QRadar Community Edition version 7.3.1.6 suffers from cross site request forgery and weak access control vulnerabilities.

Complaint Management System version 4.2 suffers from a cross site request forgery vulnerability.

ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution.

DCNM exposes a file upload servlet (FileUploadServlet) at /fm/fileUpload. An authenticated user can abuse this servlet to upload a WAR to the Apache Tomcat webapps directory and achieve remote code execution as root. This module exploits two other vulnerabilities, CVE-2019-1619 for authentication bypass on versions 10.4(2) and below, and CVE-2019-1622 (information disclosure) to obtain the correct directory for the WAR file upload. This module was tested on the DCNM Linux virtual appliance 10.4(2), 11.0(1) and 11.1(1), and should work on a few versions below 10.4(2). Only version 11.0(1) requires authentication to exploit (see References to understand why).

IBM Bigfix Platform version 9.5.9.62 suffers from an arbitrary file upload vulnerability as root that can achieve remote code execution.

Linear eMerge E3 versions 1.00-06 and below arbitrary file upload remote root code execution exploit.