CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 1CVE-2007-6546 – RunCMS 1.6 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-6546
RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id. RunCMS anterior a 1.6.1 usa un identificador de sesión predecible, lo cual facilita a los atacantes remotos secuestrar sesiones mediante un id modificado. • https://www.exploit-db.com/exploits/4790 http://osvdb.org/41245 http://securityreason.com/securityalert/3493 http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131 http://www.securityfocus.com/archive/1/485512/100/0/threaded http://www.securityfocus.com/bid/27019 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6549
https://notcve.org/view.php?id=CVE-2007-6549
Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to "pagetype using." Vulnerabilidad no especificada en RunCMS anterior a 1.6.1 tiene impacto y vectores de ataque desconocidos, relacionados con "el uso de pagetype (tipo de página)". • http://osvdb.org/41252 http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131 https://exchange.xforce.ibmcloud.com/vulnerabilities/39299 •