Description

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.

Remediation

References

CVE-2007-5900

Related Vulnerabilities

Apache Tomcat Other Vulnerability (CVE-2001-0829)

MySQL CVE-2019-2798 Vulnerability (CVE-2019-2798)

WordPress 3.9.x Cross-Site Scripting Vulnerability (3.9 - 3.9.9)

WordPress Plugin Product list Widget for Woocommerce Cross-Site Scripting (1.0)

WordPress Plugin yolink Search for WordPress 'bulkcrawl.php' SQL Injection (1.1.4)

Severity

Medium

Classification

CVE-2007-5900 CWE-264

Tags

Missing Update Known Vulnerabilities