CVE-2007-1966

Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie.

Published : 2007-04-11 10:19 Updated : 2008-09-05 04:00

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Exv2 Content Management System 2.0.4.3 cpe:/a:exv2:content_management_system:2.0.4.3
  1. Exv2 (1) Search CVE
    1. Content Management System (1) Search CVE
      1. 2.0.4.3

CWE

ID Name Description Links
CWE-287 Improper Authentication When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. CVE

History of changes

Date Event
2007-04-11 10:19

New CVE