CVE-2014-2341

Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter.

Date published : 2014-04-21

http://www.securityfocus.com/bid/66805

http://forums.cubecart.com/topic/48427-cubecart-529-relased/