Description

Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."

Remediation

References

CVE-2005-3388

Related Vulnerabilities

e107 Other Vulnerability (CVE-2006-4794)

PHP DEPRECATED: Code Vulnerability (CVE-2014-9426)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)

WordPress Plugin All-in-One Custom Backgrounds Lite Unspecified Vulnerability (2.0.2)

Oracle Database Server CVE-2009-1991 Vulnerability (CVE-2009-1991)

Severity

Medium

Classification

CVE-2005-3388

Tags

Missing Update Known Vulnerabilities