2 matches found
Session fixation
Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...
CVE-2008-5964
CVE-2008-5964 affects Social ImpressCMS prior to 1.1.1 RC1. There is a session fixation flaw: an attacker can set the PHPSESSID to hijack a web session. Impact as described: confidentiality, integrity, and availability can be partially affected; no exploitation details are provided. Remediation p...