CVE-2008-6599

2009-04-03T14:30:00
ID CVE-2008-6599
Type cve
Reporter NVD
Modified 2017-08-16T21:29:25

Description

cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the web root with insufficient access control, which allows remote attackers to obtain session data via a direct request related to the "default session save path."