CVE-2007-2546

2007-05-0910:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.4%

JSON

Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

References

osvdb.org/35705

secunia.com/advisories/25139

securityreason.com/securityalert/2676

www.majorsecurity.de/index_2.php?major_rls=major_rls47

www.securityfocus.com/archive/1/467748/100/0/threaded

www.securityfocus.com/archive/1/471414/100/0/threaded

www.securityfocus.com/bid/24482