Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mozilowiki | Mozilo | 0.8 | 0.8 |
Mozilowiki | Mozilo | 0.10 | 0.10 |
Mozilowiki | Mozilo | 0.7 | 0.7 |
Mozilowiki | Mozilo | 1.0.0 | 1.0.0 |
Mozilowiki | Mozilo | 0.9 | 0.9 |
Mozilowiki | Mozilo | * | 1.0.1 |