phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking
Author: Michael Brooks
type: webapps
platform: php
date_added: 2007-12-15
date_updated: 2014-01-13
verified: 1
codes: CVE-2007-6470;OSVDB-39262
source: https://www.securityfocus.com/bid/26884/info
phpRPG is prone to two vulnerabilities:
- An SQL-injection vulnerability.
- A vulnerability that lets remote attackers gain access to sessions.
Exploiting these issues may allow an unauthorized user to steal sessions, access or modify data, or exploit latent vulnerabilities in the underlying database.
These issues affect phpRPG 0.8.0; other versions may also be affected.
http://www.example.com/phpRPG-0.8.0/tmp/