CVE-2008-6131

MoziloWiki <1.0.1 - Info Disclosure

Title source: llm

Description

Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

References (6)

[Mailing List] http://marc.info/?l=bugtraq&m=122278832621348&w=2

[Vendor Advisory] http://secunia.com/advisories/32024

[Various Sources] http://www.majorsecurity.de/index_2.php?major_rls=major_rls56

[Third Party Advisory] http://wiki.mozilo.de/index.php?page=Changelog

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/31493

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/45528

Scores

EPSS 0.0070

EPSS Percentile 71.8%

Classification

CWE

CWE-287

Status draft

Affected Products (6)

mozilo/mozilowiki < 1.0.1

mozilo/mozilowiki

mozilo/mozilowiki

mozilo/mozilowiki

mozilo/mozilowiki

mozilo/mozilowiki

Timeline

Published Feb 13, 2009

Tracked Since Feb 18, 2026