CVE-2008-2970

2008-07-0217:00:00

mitre

www.cve.org

6.9 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.2%

JSON

Multiple session fixation vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to hijack web sessions by setting the PHPSESSID parameter to (1) index.php and (2) login.php in homepg/.

References

securityreason.com/securityalert/3959

www.bugreport.ir/?/44

www.securityfocus.com/archive/1/493472/100/0/threaded

www.securityfocus.com/bid/29813

exchange.xforce.ibmcloud.com/vulnerabilities/43179