CVE-2019-7747

CRITICAL

DbNinja 3.2.7 - Info Disclosure

Title source: llm

DbNinja 3.2.7 allows session fixation via the data.php sessid parameter.

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

CVSS v3 9.6

EPSS 0.0044

EPSS Percentile 63.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-384

Status published

Products (1)

dbninja/dbninja 3.2.7

Published Feb 11, 2019

Tracked Since Feb 18, 2026