By weakness (CWE)

CWE-384: related vulnerabilities

CVEs classified under CWE-384. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-11335MEDIUM 6.3

    A session fixation vulnerability has been discovered in tittuvarghese CollegeManagementSystem. An attacker can manipulate the UserAuthData parameter in the login form to hijack a user's session, potentially gaining unauthorized access to college management functions without requiring strong authentication. The vulnerability is remotely exploitable and does not require special access—any unauthenticated user can attempt the attack. Public exploit code is available, increasing the practical risk.