RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Full Path Disclosure

Author: Charalambous Glafkos
type: webapps
platform: php
port: 
date_added: 2008-11-28 
date_updated: 2014-03-31 
verified: 1 
codes: CVE-2008-6279;OSVDB-50325 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/32563/info

RakhiSoftware Shopping Cart is prone to multiple remote vulnerabilities.

Exploiting these issues can allow attackers to obtain sensitive information, steal cookie data, access or modify data, or exploit latent vulnerabilities in the underlying database.

Set Cookie: PHPSESSID='