VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 28, 2007· Updated Apr 23, 2026

CVE-2007-6546

CVE-2007-6546

Description

RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.

Affected products

1
  • Runcms/Runcms
    cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*
    Range: <=1.6

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.