CVE-2007-6470

Name of the Vulnerable Software and Affected Versions phpRPG version 0.8

Description The issue allows remote attackers to read session ID values in files under the tmp/ directory due to insufficient access control. This can lead to session hijacking via PHPSESSID cookies.

Recommendations For phpRPG version 0.8, consider restricting access to the tmp/ directory to prevent remote reading of session ID values, and implement proper access controls to sensitive information stored under the web root.