Unrated severityNVD Advisory· Published Dec 20, 2007· Updated Jun 16, 2026
CVE-2007-6470
CVE-2007-6470
Description
phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/26884nvdExploit
- secunia.com/advisories/27968nvdVendor Advisory
- marc.infonvd
News mentions
0No linked articles in our index yet.