WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Improper Input Validation Vulnerability (CVE-2007-5128)

Description

SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an error message due to an unsupported argument type for the mktime function on Windows.

Remediation

References

Related Vulnerabilities

WordPress Plugin BuddyPress Multiple Cross-Site Request Forgery Vulnerabilities (2.8.1)

WordPress Plugin HT Slider Range for Amazon affiliates Cross-Site Scripting (1.1.5)

MySQL CVE-2019-2486 Vulnerability (CVE-2019-2486)

b2evolution Use of Insufficiently Random Values Vulnerability (CVE-2022-30935)

MySQL CVE-2016-0596 Vulnerability (CVE-2016-0596)

Severity

Medium

Classification

CVE-2007-5128 CWE-20

Tags

Missing Update Known Vulnerabilities