Back to search
CVE-2009-2165
Published: Jun 22, 2009
Modified: Sep 17, 2024
PUBLISHED
Description
SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
35335
third-party-advisory
x_refsource_SECUNIA
JVNDB-2009-000035
third-party-advisory
x_refsource_JVNDB
35254
vdb-entry
x_refsource_BID
JVN#20689557
third-party-advisory
x_refsource_JVN
http://serenebach.net/log/sb221R.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now