Xt-commerce » Xt-commerce : Security Vulnerabilities, CVEs, (Gain Privilege)
Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter.
Max CVSS
6.8
EPSS Score
4.81%
Published
2009-02-03
Updated
2024-03-19
1 vulnerabilities found