Description

Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors.

Remediation

References

CVE-2014-2047

Related Vulnerabilities

MySQL CVE-2018-2573 Vulnerability (CVE-2018-2573)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.10.7)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1765)

WordPress Plugin WP Job Manager Privilege Escalation (1.34.4)

phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0792)

Severity

Medium

Classification

CVE-2014-2047 CWE-287

Tags

Missing Update Known Vulnerabilities