https://www.exploit-db.com/exploits/32887
osCommerce 2.2/3.0 - 'oscid' Session Fixation






漏洞ID | 1057623 | 漏洞类型 | |
发布时间 | 2009-04-02 | 更新时间 | 2009-04-02 |
![]() |
N/A | ![]() |
N/A |
漏洞平台 | PHP | CVSS评分 | N/A |
|漏洞来源
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/34348/info
osCommerce is prone to a session-fixation vulnerability.
Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application.
The following are vulnerable:
osCommerce 2.2
osCommerce 3.0 Beta
Other versions may also be affected.
http://www.example.com/myapp/index.php?oscid=arbitrarysession
检索漏洞
开始时间
结束时间