2007-07-25 18:00:00
mitre
PUBLISHED
Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.