Auth bypass in Mozilo Mozilocms

CVE-2008-6128

Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

Vulnerability class: Broken Authentication

EPSS: 0.013 (65.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References