[nycphp-talk] Session basics
Billy Pilgrim
bpilgrim1979 at gmail.com
Fri Aug 19 14:08:47 EDT 2005
On 8/11/05, David Mintz <dmintz at davidmintz.org> wrote:
> On Thu, 11 Aug 2005, Brian O'Connor wrote:
>
> > So what you're saying is if I see a "?PHPSESSID=xxxxxxxxxxxx" in the URL of
> > my site, than it is vulnerable?
>
> Yeah.
Not to mention that if someone bookmarks the page, the session id will
get stored in the user's bookmark url!
More information about the talk
mailing list
Automatic Email Organization without missing anything!