Description
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
Remediation
References
Related Vulnerabilities
WordPress Plugin Essential Content Types Security Bypass (1.4)
WordPress Plugin RocketTheme RokBox Multiple Vulnerabilities (2.13)
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Directory Traversal (2.4.19)