Description
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Remediation
References
Related Vulnerabilities
WordPress Plugin Flipbox-Awesomes Flip Boxes Image Overlay Security Bypass (2.6.0)
WordPress Plugin Sina Extension for Elementor Multiple Cross-Site Scripting Vulnerabilities (3.3.11)
Moodle DEPRECATED: Code Vulnerability (CVE-2015-3177)
PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10129)
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-0300)