Description
cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the web root with insufficient access control, which allows remote attackers to obtain session data via a direct request related to the "default session save path."
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2008-6562 | cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the web root with insufficient access control, which allows remote attackers to obtain session data via a direct request related to the "default session save path." |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T11:34:47.118Z
Reserved: 2009-04-03T00:00:00.000Z
Link: CVE-2008-6599
No data.
Status : Modified
Published: 2009-04-03T18:30:00.517
Modified: 2026-06-16T23:02:32.790
Link: CVE-2008-6599
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD