VYPR
Unrated severityNVD Advisory· Published Jan 23, 2009· Updated Jun 16, 2026

CVE-2008-5964

CVE-2008-5964

Description

Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

Affected products

6
  • cpe:2.3:a:impresscms:impresscms:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:impresscms:impresscms:*:*:*:*:*:*:*:*range: <=1.0.3
    • cpe:2.3:a:impresscms:impresscms:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:impresscms:impresscms:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:impresscms:impresscms:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:impresscms:impresscms:1.1:*:*:*:*:*:*:*
    • (no CPE)range: <1.1.1 RC1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.