CVE-2007-3597

Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web sessions by setting the Cookie parameter.

Date published : 2007-07-06

http://www.securityfocus.com/archive/1/472875/100/0/threaded

http://sourceforge.net/project/shownotes.php?release_id=474574&group_id=83781