Bugtraq mailing list archives

Re: OSCommerce Session Fixation Vulnerability

From: tech107 () gmail com
Date: Tue, 14 Apr 2009 05:23:55 -0600

Great find!  However depending on the PHP version and proper osC configuration, session hijacking will not work.  
Credit goes to osC team.

Solution
http://forums.oscommerce.com/index.php?showtopic=333351

Current thread:

OSCommerce Session Fixation Vulnerability laurent . desaulniers (Apr 02)
- <Possible follow-ups>
- Re: OSCommerce Session Fixation Vulnerability tech107 (Apr 14)