Lucene search
MitreCVE-2008-6045HistoryFeb 03, 2009 - 11:30 a.m.
CVE-2008-6045
2009-02-0311:30:00
CWE-287
mitre
web.nvd.nist.gov
23
cve-2008-6045
session fixation
xt:commerce
web sessions hijack
vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.044
Percentile
92.5%
Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter.
Affected configurations
Node
xt-commercext-commerceRange≤3.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xt-commerce | xt-commerce | * | cpe:2.3:a:xt-commerce:xt-commerce:*:*:*:*:*:*:*:* |
Related
prion
prion
Session fixation
2009-02-03 11:30:00
exploitdb
exploitdb
xt:Commerce 3.04 - 'XTCsid' Session Fixation
2008-09-22 00:00:00
nvd
nvd
CVE-2008-6045
2009-02-03 11:30:00
cvelist
cvelist
CVE-2008-6045
2009-02-03 11:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.044
Percentile
92.5%
Related for CVE-2008-6045