Description
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
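A source audit for the pattern the description names, as an added example rather than code from the original page: it flags two-argument mt_rand calls whose literal max exceeds the value mt_getrandmax() returns (2147483647). The regex matching, the verdict labels and the sample PHP are assumptions constructed for illustration.

```python
import re

# Value returned by PHP's mt_getrandmax() (2**31 - 1).
MT_GETRANDMAX = 2147483647

# mt_rand(<min>, <max>) with simple, non-nested arguments.
CALL = re.compile(r"\bmt_rand\s*\(\s*([^,()]+?)\s*,\s*([^,()]+?)\s*\)")
INT_LITERAL = re.compile(r"-?(0[xX][0-9a-fA-F]+|[0-9]+)$")


def php_int(expr):
    """Return the value of a PHP decimal/hex/octal integer literal, else None."""
    if not INT_LITERAL.match(expr):
        return None
    sign = -1 if expr.startswith("-") else 1
    digits = expr.lstrip("-")
    try:
        if digits.lower().startswith("0x"):
            return sign * int(digits, 16)
        if len(digits) > 1 and digits.startswith("0"):
            return sign * int(digits, 8)  # a leading zero means octal in PHP
        return sign * int(digits)
    except ValueError:
        return None  # e.g. "089" is not a valid octal literal


def audit(source):
    """Return (line_number, max_expression, verdict) per two-argument mt_rand call."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for match in CALL.finditer(line):
            max_expr = match.group(2)
            value = php_int(max_expr)
            if value is None:
                verdict = "review"   # variable or expression: check by hand
            elif value > MT_GETRANDMAX:
                verdict = "exceeds"  # max larger than mt_getrandmax()
            else:
                verdict = "ok"
            findings.append((lineno, max_expr, verdict))
    return findings


# Constructed sample input, not taken from any real application.
SAMPLE = """<?php
$token = mt_rand(0, 9999999999);
$roll  = mt_rand(1, 6);
$id    = mt_rand(0, 0xFFFFFFFF);
$n     = mt_rand($low, $high);
$edge  = mt_rand(0, 2147483647);
"""
```

Calls marked "review" pass a variable or expression as max, so the bound has to be traced by hand.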
Remediation
References