Description
Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
References (5)
Core 5
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32021
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31495
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45526
Various Sources x_refsource_confirm
http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog
Various Sources x_refsource_misc
http://www.majorsecurity.de/index_2.php?major_rls=major_rls55
Scores
EPSS
0.0126
EPSS Percentile
65.8%
Details
CWE
CWE-287
Status
published
Products (20)
mozilo/mozilocms
1.0
mozilo/mozilocms
1.1
mozilo/mozilocms
1.1.1
mozilo/mozilocms
1.2
mozilo/mozilocms
1.3
mozilo/mozilocms
1.3.1
mozilo/mozilocms
1.4
mozilo/mozilocms
1.5
mozilo/mozilocms
1.6
mozilo/mozilocms
1.6.1
... and 10 more
Published
Feb 13, 2009
Tracked Since
Feb 18, 2026