|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: OSCommerce Session Fixation Vulnerability
tech107
gmail.com
Date: Tue Apr 14 2009 - 06:23:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Great find! However depending on the PHP version and proper osC configuration, session hijacking will not work. Credit goes to osC team.
Solution
http://forums.oscommerce.com/index.php?showtopic=333351
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]