Vulnerabilities > CVE-2007-3978 - Credentials Management vulnerability in Bwired
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Session fixation vulnerability in bwired allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | bwired (index.php newsID) Remote SQL Injection Vulnerability. CVE-2007-3976,CVE-2007-3977,CVE-2007-3978. Webapps exploit for php platform |
| file | exploits/php/webapps/4213.txt |
| id | EDB-ID:4213 |
| last seen | 2016-01-31 |
| modified | 2007-07-22 |
| platform | php |
| port | |
| published | 2007-07-22 |
| reporter | g00ns |
| source | https://www.exploit-db.com/download/4213/ |
| title | bwired index.php newsID Remote SQL Injection Vulnerability |
| type | webapps |