CVE-2008-6039

EUVD-2008-6009
Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
bluepagebluepage_cms
𝑥
≤ 2.5
bluepagebluepage_cms
2.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/31968
http://www.majorsecurity.de/index_2.php?major_rls=major_rls53
http://www.securityfocus.com/archive/1/496582/100/0/threaded
http://www.securityfocus.com/bid/31315
https://exchange.xforce.ibmcloud.com/vulnerabilities/45323
http://secunia.com/advisories/31968
http://www.majorsecurity.de/index_2.php?major_rls=major_rls53
http://www.securityfocus.com/archive/1/496582/100/0/threaded
http://www.securityfocus.com/bid/31315
https://exchange.xforce.ibmcloud.com/vulnerabilities/45323