WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Improper Input Validation Vulnerability (CVE-2007-5128)

Description

SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an error message due to an unsupported argument type for the mktime function on Windows.

Remediation

References

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2002-1695)

phpMyAdmin Other Vulnerability (CVE-2004-1055)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2017-15710)

Oracle Database Server CVE-2023-22096 Vulnerability (CVE-2023-22096)

WordPress Plugin GD Star Rating 'votes' Parameter SQL Injection (1.9.8)

Severity

Medium

Classification

CVE-2007-5128 CWE-20

Tags

Missing Update Known Vulnerabilities