CVE-2014-2341
published 2014-04-22CVE-2014-2341: Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
PriorityP340medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
5.83%
92.2th percentile
Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cubecart | cubecart | <= 5.2.8 | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://forums.cubecart.com/topic/48427-cubecart-529-relased/http://secunia.com/advisories/57856http://www.exploit-db.com/exploits/32830http://www.osvdb.org/105784http://www.securityfocus.com/bid/66805http://www.securitytracker.com/id/1030086https://exchange.xforce.ibmcloud.com/vulnerabilities/92526http://forums.cubecart.com/topic/48427-cubecart-529-relased/http://secunia.com/advisories/57856http://www.exploit-db.com/exploits/32830http://www.osvdb.org/105784http://www.securityfocus.com/bid/66805http://www.securitytracker.com/id/1030086https://exchange.xforce.ibmcloud.com/vulnerabilities/92526
2014-04-22
Published