Session ID Hijacking Vulnerability in PHP 4.0 through 4.1.1

Session ID Hijacking Vulnerability in PHP 4.0 through 4.1.1

CVE-2002-0121 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.

Learn more about our Web App Pen Testing.