Multiple session fixation vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to hijack web sessions by setting the PHPSESSID parameter to (1) index.php and (2) login.php in homepg/.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-07-02T17:00:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-07-02T00:00:00
Link: CVE-2008-2970
JSON object: View
NVD Information
Status : Modified
Published: 2008-07-02T17:14:00.000
Modified: 2018-10-11T20:45:38.967
Link: CVE-2008-2970
JSON object: View
Redhat Information
No data.
CWE