Filtered by vendor The Php Group Subscriptions
Filtered by product Pear Html Quickform Controller Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-4731 1 The Php Group 1 Pear Html Quickform Controller 2024-11-21 N/A
The Next action in PEAR HTML_QuickForm_Controller 1.0.4 includes the SID in the URL even when session.use_only_cookies is configured, which allows remote attackers to obtain the SID via an HTTP Referer field and possibly other vectors.