Description
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
References (6)
Core 6
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=122278832621348&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45528
Third Party Advisory x_refsource_confirm
http://wiki.mozilo.de/index.php?page=Changelog
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32024
Various Sources x_refsource_misc
http://www.majorsecurity.de/index_2.php?major_rls=major_rls56
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31493
Scores
EPSS
0.0118
EPSS Percentile
63.7%
Details
CWE
CWE-287
Status
published
Products (6)
mozilo/mozilowiki
0.7
mozilo/mozilowiki
0.8
mozilo/mozilowiki
0.9
mozilo/mozilowiki
0.10
mozilo/mozilowiki
1.0.0
mozilo/mozilowiki
< 1.0.1
Published
Feb 13, 2009
Tracked Since
Feb 18, 2026