CVE-2025-63529

by Fred · 01/12/2025

A session fixation vulnerability exists in Blood Bank Management System 1.0 in login.php that allows an attacker to set or predict a user’s session identifier prior to authentication. When the victim logs in, the application continues to use the attacker-supplied session ID rather than generating a new one, enabling the attacker to hijack the authenticated session and gain unauthorized access to the victim’s account.

More information : https://drive.google.com/file/d/12yeOXW_sN69QjsQtW0_k9AGqozi1s0di/view?usp=sharing

CVE-2025-63529

Similar

Recent Posts

Categories

CVE-2025-63529

Share this:

Similar

Recent Posts

Categories

Tags