Account Hijacking Vulnerability in PHPX 2.0 through 3.2.4

Account Hijacking Vulnerability in PHPX 2.0 through 3.2.4

CVE-2004-0249 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the cookie's PXL variable to reference another userID.

Learn more about our User Device Pen Test.