{"api_version":"1","generated_at":"2026-07-04T14:28:28+00:00","cve":"CVE-2011-4718","urls":{"html":"https://cve.report/CVE-2011-4718","api":"https://cve.report/api/cve/CVE-2011-4718.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-4718","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-4718"},"summary":{"title":"CVE-2011-4718","description":"Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.","state":"PUBLISHED","assigner":"mitre","published_at":"2013-08-13 15:04:18","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=169b78eb79b0e080b67f9798708eb3771c6d0b2f","name":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=169b78eb79b0e080b67f9798708eb3771c6d0b2f","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"208.43.231.11 Git - php-src.git/commit","mime":"text/xml","httpstatus":"-1","archivestatus":"200"},{"url":"https://bugs.php.net/bug.php?id=60491","name":"https://bugs.php.net/bug.php?id=60491","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"PHP :: You must be logged in","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://wiki.php.net/rfc/strict_sessions","name":"https://wiki.php.net/rfc/strict_sessions","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"PHP: rfc:strict_sessions    [PHP Wiki]","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=25e8fcc88fa20dc9d4c47184471003f436927cde","name":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=25e8fcc88fa20dc9d4c47184471003f436927cde","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"208.43.231.11 Git - php-src.git/commit","mime":"text/xml","httpstatus":"-1","archivestatus":"200"},{"url":"http://git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f","name":"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f","refsource":"MITRE","tags":[],"title":"208.43.231.11 Git - php-src.git/commit","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde","name":"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde","refsource":"MITRE","tags":[],"title":"208.43.231.11 Git - php-src.git/commit","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-4718","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4718","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"beta1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"beta2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"beta3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"beta4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.0","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.1.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.2.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.18","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.19","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.20","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.21","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.22","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.23","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.24","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.25","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.26","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.27","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.3.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.12","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.12","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.13","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.14","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.15","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.16","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.4.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"alpha1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"alpha2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"alpha3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"alpha4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"alpha5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"alpha6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"beta1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"beta2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"beta3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"beta4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"5.5.0","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"4718","vulnerable":"1","versionEndIncluding":"5.5.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T00:16:34.435Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=25e8fcc88fa20dc9d4c47184471003f436927cde"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wiki.php.net/rfc/strict_sessions"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugs.php.net/bug.php?id=60491"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=169b78eb79b0e080b67f9798708eb3771c6d0b2f"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2013-08-13T01:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=25e8fcc88fa20dc9d4c47184471003f436927cde"},{"tags":["x_refsource_MISC"],"url":"https://wiki.php.net/rfc/strict_sessions"},{"tags":["x_refsource_MISC"],"url":"https://bugs.php.net/bug.php?id=60491"},{"tags":["x_refsource_CONFIRM"],"url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=169b78eb79b0e080b67f9798708eb3771c6d0b2f"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2011-4718","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde","refsource":"CONFIRM","url":"http://git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde"},{"name":"https://wiki.php.net/rfc/strict_sessions","refsource":"MISC","url":"https://wiki.php.net/rfc/strict_sessions"},{"name":"https://bugs.php.net/bug.php?id=60491","refsource":"MISC","url":"https://bugs.php.net/bug.php?id=60491"},{"name":"http://git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f","refsource":"CONFIRM","url":"http://git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2011-4718","datePublished":"2013-08-13T01:00:00.000Z","dateReserved":"2011-12-09T00:00:00.000Z","dateUpdated":"2024-09-16T18:44:19.435Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2013-08-13 15:04:18","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionEndIncluding":"5.5.1","matchCriteriaId":"606D51F5-EF88-4016-A3FA-660224117DB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7007E77F-60EF-44D8-9676-15B59DF1325F"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*","matchCriteriaId":"E727CECE-E452-489A-A42F-5A069D6AF80E"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*","matchCriteriaId":"149A1FB8-593E-412B-8E1C-3E560301D500"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*","matchCriteriaId":"5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*","matchCriteriaId":"8FC144FA-8F84-44C0-B263-B639FEAD20FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*","matchCriteriaId":"295907B4-C3DE-4021-BE3B-A8826D4379E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*","matchCriteriaId":"DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*","matchCriteriaId":"B881352D-954E-4FC0-9E42-93D02A3F3089"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*","matchCriteriaId":"17437AED-816A-4CCF-96DE-8C3D0CC8DB2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*","matchCriteriaId":"74E7AE59-1CB0-4300-BBE0-109F909789EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*","matchCriteriaId":"9222821E-370F-4616-B787-CC22C2F4E7CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*","matchCriteriaId":"9809449F-9A76-4318-B233-B4C2950A6EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*","matchCriteriaId":"0AA962D4-A4EC-4DC3-B8A9-D10941B92781"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*","matchCriteriaId":"F8CDFEF9-C367-4800-8A2F-375C261FAE55"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*","matchCriteriaId":"16E43B88-1563-4EFD-9267-AE3E8C35D67A"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*","matchCriteriaId":"11E5715F-A8BC-49EF-836B-BB78E1BC0790"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*","matchCriteriaId":"5FA68843-158E-463E-B68A-1ACF041C4E10"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*","matchCriteriaId":"1874F637-77E2-4C4A-BF92-AEE96A60BFB0"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*","matchCriteriaId":"9592B32E-55CD-42D0-901E-8319823BC820"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*","matchCriteriaId":"A9BF34B5-F74C-4D56-9841-42452D60CB87"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*","matchCriteriaId":"CD02D837-FD28-4E0F-93F8-25E8D1C84A99"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"88358D1E-BE6F-4CE3-A522-83D1FA4739E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"86767200-6C9C-4C3E-B111-0E5BE61E197B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*","matchCriteriaId":"B00B416D-FF23-4C76-8751-26D305F0FA0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*","matchCriteriaId":"CCB6CDDD-70D3-4004-BCE0-8C4723076103"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*","matchCriteriaId":"A782CA26-9C38-40A8-92AE-D47B14D2FCE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*","matchCriteriaId":"1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*","matchCriteriaId":"0892C89E-9389-4452-B7E0-981A763CD426"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*","matchCriteriaId":"635F3CB1-B042-43CC-91AB-746098018D8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*","matchCriteriaId":"E1F32DDF-17A3-45B5-9227-833EBEBD3923"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*","matchCriteriaId":"2CDFB7E9-8510-430F-BFBC-FD811D60DC78"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*","matchCriteriaId":"79D5336A-14AA-483E-9CBE-A7B53120B925"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*","matchCriteriaId":"3AADA875-E0EA-483A-A07E-2914FE969972"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*","matchCriteriaId":"95D48A71-B84E-4B6C-9603-B3373052E568"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*","matchCriteriaId":"CAAB7D55-F155-43F9-A563-F2E35CFFEF26"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*","matchCriteriaId":"72243A3F-6BFD-472B-9EA4-82BE4253ED27"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*","matchCriteriaId":"E415CC22-09CA-47D2-9F1A-0BCA8960835B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*","matchCriteriaId":"9EF4B938-BB14-4C06-BEE9-10CA755C5DEF"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*","matchCriteriaId":"981C922C-7A7D-473E-8C43-03AB62FB5B8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*","matchCriteriaId":"5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*","matchCriteriaId":"B0F40E4A-E125-4099-A8B3-D42614AA9312"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*","matchCriteriaId":"4933D9DD-A630-4A3D-9D13-9E182F5F6F8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*","matchCriteriaId":"A9E6D530-91FC-42F4-A427-6601238E0187"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*","matchCriteriaId":"9EC938DB-E066-407F-BDF8-61A1C41136F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*","matchCriteriaId":"ACDF768D-7F5A-4042-B7DD-398F65F3F094"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*","matchCriteriaId":"2AF35BB6-C6B1-4683-A8BE-AA72CC34F5B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*","matchCriteriaId":"EC3F1891-032D-409C-904C-A415D2323DFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*","matchCriteriaId":"4B13826D-06B2-4A46-AB24-092F6935958D"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*","matchCriteriaId":"1B6528FC-51BE-4E30-B282-D9841553BA26"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*","matchCriteriaId":"66CF9452-6225-4726-822B-C7CD620A1D6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*","matchCriteriaId":"A953FF53-1106-42D3-BE4A-4F27C7C42F52"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:*","matchCriteriaId":"D4D2F015-A38D-43C6-ADC6-A0EFCE150071"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:*","matchCriteriaId":"75A8FF8E-A26A-45AD-BD91-9B4822581CE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:*","matchCriteriaId":"5F27C2F9-73BE-46EF-B5ED-8D407D22D12E"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*","matchCriteriaId":"EB212796-B71B-4F6B-9156-9C5178FF0931"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:*","matchCriteriaId":"DFBCD79D-3821-4538-B6F1-49F51E5983E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:*","matchCriteriaId":"B66E709F-E34E-4744-8970-0F70F95A8761"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:*","matchCriteriaId":"D20691D0-3102-4E82-BED9-9E7B67F9F778"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:*","matchCriteriaId":"6DA7831F-5F53-4A29-9AB1-913EBD095589"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.22:*:*:*:*:*:*:*","matchCriteriaId":"F798EC96-FC60-47BA-AE27-8C2261D9E5D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.23:*:*:*:*:*:*:*","matchCriteriaId":"633BEAF3-C73C-48FC-B623-375B9F79C93D"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.24:*:*:*:*:*:*:*","matchCriteriaId":"965BB50E-7675-43A7-B074-98BCB1EBA311"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.25:*:*:*:*:*:*:*","matchCriteriaId":"B52F6124-1C8E-4568-BACF-A463064DA48E"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.26:*:*:*:*:*:*:*","matchCriteriaId":"2BA2F96C-A676-4F13-8E41-600461338B1A"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.3.27:*:*:*:*:*:*:*","matchCriteriaId":"E0FE5746-FA0B-493A-B3A9-DE2A153C5ECA"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E7B9B8D2-78B7-4B17-955B-741C7A6F6634"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*","matchCriteriaId":"5CA2A940-BD69-4D35-AF12-432CB929248B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*","matchCriteriaId":"29BD13F9-86C8-44C4-A860-9A87870A518E"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*","matchCriteriaId":"1B361FDE-9F6A-4E9A-96F1-619DC56EECB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*","matchCriteriaId":"3DBD9E7B-1237-47A8-8A07-5CC5246A9C5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*","matchCriteriaId":"6F2BB41E-2096-4291-B0ED-06825FDFE8BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*","matchCriteriaId":"52BA94F7-1AF9-415C-AC21-30BC25C74C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*","matchCriteriaId":"D0A739A0-698A-422B-886B-430A79F6E945"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*","matchCriteriaId":"086E0D24-A43E-4CEA-9FB0-FE193B88CC31"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*","matchCriteriaId":"EC8D0963-8CA5-4814-9B6D-4E1C3907737B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*","matchCriteriaId":"77A4B7E0-C872-4E53-AD72-1BB2755E4FDA"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*","matchCriteriaId":"EECCD553-53D5-485E-8C21-E2A5070833B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*","matchCriteriaId":"95357C79-A754-4E0C-B65B-0FA241962B12"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*","matchCriteriaId":"25EAF9A9-F7A1-4AC7-BCFD-769BE0FDB537"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*","matchCriteriaId":"74EA8037-7C22-48B3-9FA2-4BFFFFD513D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*","matchCriteriaId":"C8D1254E-0C72-4958-BA7F-5B818C3ACB15"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*","matchCriteriaId":"92994FFC-F362-48AC-9CA8-8EBCAC880C91"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*","matchCriteriaId":"21131DF1-1EE5-4C84-B1E0-FA75BC39B344"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*","matchCriteriaId":"0B23F85D-465B-4176-9798-E78AADE421EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*","matchCriteriaId":"ADEE52B4-8392-4321-8C00-FABA6270E728"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*","matchCriteriaId":"57D74F58-DB3A-4A70-93CF-B350DB65EF49"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"3D25E591-448C-4E3B-8557-6E48F7571796"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*","matchCriteriaId":"6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*","matchCriteriaId":"3AF783C9-26E7-4E02-BD41-77B9783667E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*","matchCriteriaId":"EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*","matchCriteriaId":"7AEDF6F7-001D-4A35-A26F-417991AD377F"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*","matchCriteriaId":"4031DB99-B4B4-41EC-B3C1-543D92C575A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*","matchCriteriaId":"D5450EA7-A398-49D2-AA8E-7C95B074BAB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*","matchCriteriaId":"04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*","matchCriteriaId":"BB8E09D8-9CBE-4279-88B7-24A214A5A537"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*","matchCriteriaId":"2D41ECCE-887D-49A2-9BB3-B559495AC55B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*","matchCriteriaId":"79B418BC-27F4-4443-A0F7-FF4ADA568C1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*","matchCriteriaId":"8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"4718","Ordinal":"1","Title":"CVE-2011-4718","CVE":"CVE-2011-4718","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"4718","Ordinal":"1","NoteData":"Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.","Type":"Description","Title":"CVE-2011-4718"},{"CveYear":"2011","CveId":"4718","Ordinal":"2","NoteData":"2013-08-12","Type":"Other","Title":"Published"}]}}}