Description

This alert was generated using only banner information. It may be a false positive.

The PHP development team would like to announce the immediate availability of PHP 5.2.8. This release addresses a regression introduced by 5.2.7 in regard to the magic_quotes functionality, that was broken by an incorrect fix to the filter extension. All users who have upgraded to 5.2.7 are encouraged to upgrade to this release, alternatively you can apply a work-around for the bug by changing "filter.default_flags=0" in php.ini

Affected PHP versions (5.2.7).

Remediation

Upgrade PHP to the latest version.

References

PHP 5.2.8 Release Announcement

PHP Homepage

Related Vulnerabilities

Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)

PostgreSQL Other Vulnerability (CVE-2002-1399)

MySQL CVE-2021-2028 Vulnerability (CVE-2021-2028)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-26876)

Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-4524)

Severity

High

Classification

CVE-2008-2371 CVE-2008-2665 CVE-2008-2666 CVE-2008-2829 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CWE-1104 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update