- Home
- CVEs with oval.description==The+session_start+function+in+ext%2Fsession+in+PHP+4.x+up+to+4.4.7+and+5.x+up+to+5.2.3+allows+remote+attackers+to+insert+arbitrary+attributes+into+the+session+cookie+via+special+characters+in+a+cookie+that+is+obtained+from+%281%29+PATH_INFO%2C+%282%29+the+session_id+function%2C+and+%283%29+the+session_start+function%2C+which+are+not+encoded+or+filtered+when+the+new+session+cookie+is+generated%2C+a+related+issue+to+CVE-2006-0207.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top