Description

The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375.

Remediation

References

CVE-2007-2748

Related Vulnerabilities

Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912)

WordPress Plugin Slider by 10Web-Responsive Image Slider Unspecified Vulnerability (1.1.9)

ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4567)

WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (2.33)

WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.5)

Severity

Medium

Classification

CVE-2007-2748 CWE-200

Tags

Missing Update Known Vulnerabilities