Description
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.4.x Directory Traversal (3.4.0 - 3.4.5)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3412)
MySQL CVE-2016-0606 Vulnerability (CVE-2016-0606)
WordPress Plugin April's Super Functions Pack Cross-Site Scripting (1.4.7)
WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5)