VYPR
Unrated severityNVD Advisory· Published Jun 22, 2009· Updated Jun 16, 2026

CVE-2009-2165

CVE-2009-2165

Description

SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:serendipitynz:serene_bach:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:serendipitynz:serene_bach:*:*:*:*:*:*:*:*range: <=2.20r
    • cpe:2.3:a:serendipitynz:serene_bach:1.18r:*:*:*:*:*:*:*
    • cpe:2.3:a:serendipitynz:serene_bach:1.19r:*:*:*:*:*:*:*
    • cpe:2.3:a:serendipitynz:serene_bach:2.05r:*:*:*:*:*:*:*
    • cpe:2.3:a:serendipitynz:serene_bach:2.08d:*:*:*:*:*:*:*
    • cpe:2.3:a:serendipitynz:serene_bach:2.09r:*:*:*:*:*:*:*
    • cpe:2.3:a:serendipitynz:serene_bach:3.00:beta023:*:*:*:*:*:*
    • (no CPE)range: <=2.20R, >=3.00 beta023

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.