Apache Axis2 1.x – ‘/axis2/axis2-admin’ Session Fixation

• Exploit Database
• 112 阅读

• 作者： Tiago Ferreira Barbosa
  日期： 2010-06-23
• 类别：

  • remote
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/34186/
• 1 2 3 4 5 6 7 8 9 10

  source: https://www.securityfocus.com/bid/41076/info   Apache Axis2 is prone to a session-fixation vulnerability.   Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application.   Apache Axis2 1.5 is vulnerable; other versions may also be affected.   http://www.example.com:8080/axis2/axis2-admin/engagingglobally?submit=%2bEngage 2b&modules=