Unrated severityNVD Advisory· Published Feb 3, 2009· Updated Jun 16, 2026
CVE-2008-6045
CVE-2008-6045
Description
Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:xt-commerce:xt-commerce:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:xt-commerce:xt-commerce:*:*:*:*:*:*:*:*range: <=3.0.4
- (no CPE)range: <=3.0.4
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/31313nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/496583/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/496588/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.majorsecurity.de/index_2.phpnvdBroken Link
- exchange.xforce.ibmcloud.com/vulnerabilities/45341nvdVDB Entry
News mentions
0No linked articles in our index yet.