Vulnerabilities > CVE-2007-6546 - Input Validation vulnerability in RunCMS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | RunCMS 1.6 Multiple Remote Vulnerabilities. CVE-2007-6545,CVE-2007-6546,CVE-2007-6547,CVE-2007-6548. Webapps exploit for php platform |
file | exploits/php/webapps/4790.txt |
id | EDB-ID:4790 |
last seen | 2016-01-31 |
modified | 2007-12-25 |
platform | php |
port | |
published | 2007-12-25 |
reporter | DSecRG |
source | https://www.exploit-db.com/download/4790/ |
title | runcms 1.6 - Multiple Vulnerabilities |
type | webapps |