PHP Multiple Extensions Format String and Cross Site ....
PHP Multiple Extensions Format String and Cross Site Scripting Issues Multiple vulnerabilities were identified in PHP, which could be exploited by attackers to execute arbitrary commands or scripting code.
This topic was started by Jackass,
PHP Multiple Extensions Format String and Cross Site Scripting Issues
Multiple vulnerabilities were identified in PHP, which could be exploited by attackers to execute arbitrary commands or scripting code.
The first issue is due to a format string error in the error reporting feature of the "mysqli" extension that does not properly validate certain error messages generated by the SQL server, which could be exploited by local or remote attackers (under certain conditions) to execute arbitrary code with the privileges of the web server.
Review
Multiple vulnerabilities were identified in PHP, which could be exploited by attackers to execute arbitrary commands or scripting code.
The first issue is due to a format string error in the error reporting feature of the "mysqli" extension that does not properly validate certain error messages generated by the SQL server, which could be exploited by local or remote attackers (under certain conditions) to execute arbitrary code with the privileges of the web server.
Review
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
