CVE-2008-5575

Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
proclanmanagerpro_clan_manager
𝑥
≤ 0.4.2
proclanmanagerpro_clan_manager
0.1.0
proclanmanagerpro_clan_manager
0.1.5
proclanmanagerpro_clan_manager
0.2.0
proclanmanagerpro_clan_manager
0.4.0
proclanmanagerpro_clan_manager
0.4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://securityreason.com/securityalert/4752
http://www.securityfocus.com/archive/1/498864/100/0/threaded
http://www.securityfocus.com/bid/32606
https://exchange.xforce.ibmcloud.com/vulnerabilities/47036
http://securityreason.com/securityalert/4752
http://www.securityfocus.com/archive/1/498864/100/0/threaded
http://www.securityfocus.com/bid/32606
https://exchange.xforce.ibmcloud.com/vulnerabilities/47036