CVE-2008-6128

EUVD-2008-6098
Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
mozilomozilocms
𝑥
≤ 1.10.2
mozilomozilocms
1.0
mozilomozilocms
1.1
mozilomozilocms
1.1.1
mozilomozilocms
1.2
mozilomozilocms
1.3
mozilomozilocms
1.3.1
mozilomozilocms
1.4
mozilomozilocms
1.5
mozilomozilocms
1.6
mozilomozilocms
1.6.1
mozilomozilocms
1.6.2
mozilomozilocms
1.7
mozilomozilocms
1.8
mozilomozilocms
1.9
mozilomozilocms
1.9.1
mozilomozilocms
1.9.2
mozilomozilocms
1.9.3
mozilomozilocms
1.10
mozilomozilocms
1.10.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog
http://secunia.com/advisories/32021
http://www.majorsecurity.de/index_2.php?major_rls=major_rls55
http://www.securityfocus.com/bid/31495
https://exchange.xforce.ibmcloud.com/vulnerabilities/45526
http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog
http://secunia.com/advisories/32021
http://www.majorsecurity.de/index_2.php?major_rls=major_rls55
http://www.securityfocus.com/bid/31495
https://exchange.xforce.ibmcloud.com/vulnerabilities/45526