WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Configuration Vulnerability (CVE-2008-5844)

Description

PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks.

Remediation

References

Related Vulnerabilities

Mailman Other Vulnerability (CVE-2002-0389)

WordPress Plugin Login with Cognito Cross-Site Scripting (1.4.3)

Oracle Database Server CVE-2007-2118 Vulnerability (CVE-2007-2118)

WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.2)

WordPress Plugin Link Optimizer Lite Cross-Site Request Forgery (1.4.5)

Severity

High

Classification

CVE-2008-5844

Tags

Missing Update Known Vulnerabilities