Required CVE Record Information
Description
Session fixation vulnerability in onelook obo Shop allows remote attackers to hijack web sessions by setting a PHPSESSID cookie.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- http://www.majorsecurity.de/index_2.php?major_rls=major_rls40 x_transferred
- securityfocus.com: 20070406 [MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue mailing-listx_transferred
- exchange.xforce.ibmcloud.com: oboshop-phpsessid-security-bypass(33500) vdb-entryx_transferred