3964 matches found
CVE-2007-1949
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
Session fixation
Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1952
Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1951
Session fixation vulnerability in onelook obo Shop allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1953
CVE-2007-1953 is a session fixation vulnerability described as allowing remote attackers to hijack web sessions by setting a PHPSESSID cookie in onelook courts online. The connected documents provide the description but do not include concrete technical details (affected version/component/root ca...
CVE-2007-1951
Session fixation vulnerability in onelook obo Shop allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1953
Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1949
The CVE-2007-1949 entry describes a Session fixation vulnerability in WebBlizzard CMS where an attacker can hijack user sessions by setting a PHPSESSID cookie. The connected documents confirm the flaw affects WebBlizzard CMS and exposes session integrity risk, allowing remote exploitation via coo...
CVE-2007-1951
The CVE-2007-1951 entry concerns a session fixation vulnerability in the onelook obo Shop where an attacker can hijack sessions by setting a PHPSESSID cookie. Affected component: web application/session handling within onelook obo Shop. Root cause: improper handling of PHPSESSID cookies allowing ...
CVE-2007-1949
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1952
CVE-2007-1952 concerns the onelook onebyone CMS . The vulnerability is a session fixation flaw that allows remote attackers to hijack web sessions by setting a PHPSESSID cookie. The description explicitly ties the issue to session fixation via PHPSESSID, enabling partial confidentiality and integ...
CVE-2007-1952
Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
[MajorSecurity Advisory #41]onelook courts online - Session fixation Issue
MajorSecurity Advisory 41onelook courts online - Session fixation Issue Details ======= Product: courts online Remote-Exploit: yes Vendor-URL: http://www.onebyone.ch/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz http://www.majorsecurity....
[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue
MajorSecurity Advisory 39onelook onebyone CMS - Session fixation Issue Details ======= Product: onebyone CMS Remote-Exploit: yes Vendor-URL: http://www.onebyone.ch/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz http://www.majorsecurity.de...
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues
MajorSecurity Advisory 42webblizzard CMS - Cross Site Scripting and Session fixation Issues Details ======= Product: webblizzard CMS Remote-Exploit: yes Vendor-URL: http://www.webblizzard.de/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz...
[MajorSecurity Advisory #40]onelook oboShop - Session fixation Issue
MajorSecurity Advisory 40onelook oboShop - Session fixation Issue Details ======= Product: oboShop Remote-Exploit: yes Vendor-URL: http://www.onebyone.ch/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz http://www.majorsecurity.de Original...
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
Mozilla Foundation Security Advisory 2007-07
Mozilla Foundation Security Advisory 2007-07 Title: Embedded nulls in location.hostname confuse same-domain checks Impact: High Announced: February 23, 2007 Reporter: Michal Zalewski Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.2 Firefox 1.5.0.10 SeaMonkey 1.0.8 Description Michal Zalewsk...
Session fixation
Cisco IOS after 12.314T, 12.38YC1, 12.38YG, and 12.4, with voice support and without Session Initiated Protocol SIP configured, allows remote attackers to cause a denial of service crash by sending a crafted packet to port 5060/UDP...
Debian DSA-1007-1 : drupal - several vulnerabilities
The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1225 Due to missing input sanitising a remote attacker could inject...