CVE-2008-5964

Social ImpressCMS <1.1.1 RC1 - Info Disclosure

Title source: llm

Description

Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

References (8)

Scores

EPSS 0.0087
EPSS Percentile 75.0%

Classification

CWE
CWE-287
Status draft

Affected Products (5)

impresscms/impresscms < 1.0.3
impresscms/impresscms
impresscms/impresscms
impresscms/impresscms
impresscms/impresscms

Timeline

Published Jan 23, 2009
Tracked Since Feb 18, 2026