Vulnerability Details CVE-2007-3988
Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.5%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/26142
- http://securityreason.com/securityalert/2926
- http://www.majorsecurity.de/index_2.php?major_rls=major_rls51
- http://www.securityfocus.com/archive/1/474324/100/0/threaded
- http://www.securityfocus.com/bid/25006
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35548
- http://secunia.com/advisories/26142
- http://securityreason.com/securityalert/2926
- http://www.majorsecurity.de/index_2.php?major_rls=major_rls51
- http://www.securityfocus.com/archive/1/474324/100/0/threaded
- http://www.securityfocus.com/bid/25006
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35548
Products affected by CVE-2007-3988
-
cpe:2.3:a:virtual_hosting_control_system:virtual_hosting_control_system:*