Описание
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-5458
- http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released
- http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html
- http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx
- http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449
- http://www.securityfocus.com/archive/1/535860/100/0/threaded
- http://www.securityfocus.com/bid/75577
EPSS
Процентиль: 77%
0.01077
Низкий
CVE ID
Связанные уязвимости
nvd
больше 10 лет назад
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
EPSS
Процентиль: 77%
0.01077
Низкий