Sign in Get started

← All advisories

Unrated severityNVD Advisory· Published Jun 1, 2007· Updated Apr 23, 2026

CVE-2007-2978

CVE-2007-2978

Description

Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

Affected products

1

Eggblog/Eggblog
cpe:2.3:a:eggblog:eggblog:*:*:*:*:*:*:*:*
Range: <=3.1.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

securityreason.com/securityalert/2756nvdExploit
secunia.com/advisories/25443nvdVendor Advisory
osvdb.org/36734nvd
www.majorsecurity.de/index_2.phpnvd
www.securityfocus.com/archive/1/469888/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/34549nvd

News mentions

0

No linked articles in our index yet.