Description

PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.

Remediation

References

CVE-2004-0263

Related Vulnerabilities

Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39114)

MySQL CVE-2024-21102 Vulnerability (CVE-2024-21102)

WordPress Plugin SecureMoz Security Audit PHP Object Injection (1.0.5)

WordPress Plugin Free Booking for Hotels, Restaurant and Car Rental-eaSYNC Arbitrary File Upload (1.1.15)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15728)

Severity

Medium

Classification

CVE-2004-0263

Tags

Missing Update Known Vulnerabilities