CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2008-5964
https://notcve.org/view.php?id=CVE-2008-5964
Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. Vulnerabilidad de fijación de sesión en Social ImpressCMS antes de v1.1.1 RC1, permite a atacantes remotos secuestrar sesiones web estableciendo el parámetro "PHSESSID". • http://osvdb.org/50413 http://secunia.com/advisories/32985 http://sourceforge.net/forum/forum.php?forum_id=893767 http://wiki.impresscms.org/index.php?title=Change_Log#2008-12-2_:_1.1.1_RC http://www.securityfocus.com/archive/1/498734/100/0/threaded http://www.securityfocus.com/archive/1/498885/100/0/threaded http://www.securityfocus.com/bid/32495 https://exchange.xforce.ibmcloud.com/vulnerabilities/46989 • CWE-287: Improper Authentication •