Description
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
Remediation
References
Related Vulnerabilities
Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14)
ownCloud Improper Authentication Vulnerability (CVE-2023-49105)
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-6307)