Description

The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375.

Remediation

References

CVE-2007-2748

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27914)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6905)

WordPress Plugin Appointment Booking Calendar and Online Scheduling-BookingPress SQL Injection (1.0.10)

MySQL CVE-2018-2769 Vulnerability (CVE-2018-2769)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4747)

Severity

Medium

Classification

CVE-2007-2748 CWE-200

Tags

Missing Update Known Vulnerabilities