CVE-2007-3597
CVE-2007-3597 describes a session fixation vulnerability in Zen Cart 1.3.7 and earlier, where an attacker can hijack web sessions by setting the Cookie parameter. The affected software is Zen Cart (versions up to and including 1.3.7); the underlying issue is that session identifiers can be preset...