CVE-2010-1434Session Fixation in Joomla !

CWE-384Session Fixation4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.0%
top 99.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Joomla !
Timeline
PublishedJun 21
Latest updateApr 21

Description

Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain access to sensitive information, which may help in launching further attacks. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDjoomla/joomla_!1.5.01.5.15
CVEListV5joomla/joomla_!Joomla core from 1.5.0 up to and including 1.5.15

🔴Vulnerability Details

2
GHSA
GHSA-v887-xwm6-h3cc: Joomla! Core is prone to a session fixation vulnerability2022-04-21
CVEList
CVE-2010-1434: Joomla! Core is prone to a session fixation vulnerability2021-06-21

💥Exploits & PoCs

1
Exploit-DB
Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit)2010-04-30
CVE-2010-1434 — Session Fixation in Joomla ! | cvebase