1. CVE-Search
  2. CVE-2007-6546
ID CVE-2007-6546
Summary RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
References
Vulnerable Configurations
  • cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*
    cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 15-10-2018 - 21:55)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
refmap via4
bid 27019
bugtraq 20071225 Multiple vulnerabilities in RUNCMS 1.6 by DSecRG
exploit-db 4790
misc http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131
osvdb 41245
sreason 3493
Last major update 15-10-2018 - 21:55
Published 28-12-2007 - 00:46
Last modified 15-10-2018 - 21:55
Back to Top