CVE-2010-0756

2010-02-2700:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.7%

JSON

Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote attackers to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_Wiky, or (3) index.php/Edit/Main.

References

packetstormsecurity.org/1002-exploits/wikyblog-rfishellxss.txt

www.exploit-db.com/exploits/11560

www.securityfocus.com/bid/38386

exchange.xforce.ibmcloud.com/vulnerabilities/56594