Описание
phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies.
phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies.
EPSS
Процентиль: 86%
0.02763
Низкий
CVE ID
Связанные уязвимости
nvd
около 18 лет назад
phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies.
EPSS
Процентиль: 86%
0.02763
Низкий