Vulnerability Details CVE-2002-0097
Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://geeklog.sourceforge.net/index.php?topic=Security
- http://online.securityfocus.com/archive/1/249443
- http://www.iss.net/security_center/static/7869.php
- http://www.securityfocus.com/bid/3844
- http://geeklog.sourceforge.net/index.php?topic=Security
- http://online.securityfocus.com/archive/1/249443
- http://www.iss.net/security_center/static/7869.php
- http://www.securityfocus.com/bid/3844