{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T10:48:02.707","vulnerabilities":[{"cve":{"id":"CVE-2007-3597","sourceIdentifier":"cve@mitre.org","published":"2007-07-06T18:30:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web sessions by setting the Cookie parameter."},{"lang":"es","value":"Vulnerabilidad de fijación de sesión en Zen Cart 1.3.7 y versiones anteriores permite a atacantes remotos secuestrar sesiones web utilizando el parámetro Cookie."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:C","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.8,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zen_cart:zen_cart:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.7","matchCriteriaId":"41CFFC31-53F9-4703-9C8B-E66EB0C5AE57"}]}]}],"references":[{"url":"http://osvdb.org/37836","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/25942","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://securityreason.com/securityalert/2866","source":"cve@mitre.org"},{"url":"http://sourceforge.net/project/shownotes.php?release_id=474574&group_id=83781","source":"cve@mitre.org"},{"url":"http://superb-east.dl.sourceforge.net/sourceforge/zencart/zen-cart-v1.3.7-admin-patch.zip","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.securityfocus.com/archive/1/472875/100/0/threaded","source":"cve@mitre.org"},{"url":"http://osvdb.org/37836","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/25942","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://securityreason.com/securityalert/2866","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://sourceforge.net/project/shownotes.php?release_id=474574&group_id=83781","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://superb-east.dl.sourceforge.net/sourceforge/zencart/zen-cart-v1.3.7-admin-patch.zip","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.securityfocus.com/archive/1/472875/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}