phpWishlist $_SESSION Variable Remote Privilege Escalation

2005-07-07T15:43:30
ID OSVDB:17864
Type osvdb
Reporter OSVDB
Modified 2005-07-07T15:43:30

Description

Solution Description

Upgrade to version 0.1.15 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://phpwishlist.sourceforge.net/ Security Tracker: 1014432 CVE-2005-2203 Bugtraq ID: 14202