Invicti detected that the session.use_trans_sid is enabled.
When session.use_trans_sid is enabled, PHP will pass the session ID via the URL.
By using this vulnerability, an attacker can:
To disable session.use_trans_sid, you can set it to 'off' in the php.ini configuration file or alternatively in .htaccess.

You can search and find all vulnerabilities
