Vulnerabilities > CVE-2007-6546 - Input Validation vulnerability in RunCMS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | RunCMS 1.6 Multiple Remote Vulnerabilities. CVE-2007-6545,CVE-2007-6546,CVE-2007-6547,CVE-2007-6548. Webapps exploit for php platform |
| file | exploits/php/webapps/4790.txt |
| id | EDB-ID:4790 |
| last seen | 2016-01-31 |
| modified | 2007-12-25 |
| platform | php |
| port | |
| published | 2007-12-25 |
| reporter | DSecRG |
| source | https://www.exploit-db.com/download/4790/ |
| title | runcms 1.6 - Multiple Vulnerabilities |
| type | webapps |