VYPR
Critical severity9.8NVD Advisory· Published Jul 13, 2018· Updated Jun 17, 2026

CVE-2016-6545

CVE-2016-6545

Description

Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password is passed as a POST parameter over HTTPS using a base64 encoded passwd field on every request. In this implementation, sessions can only be terminated when the user changes the associated password.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.