Description

This alert was generated using only banner information. It may be a false positive.

The PHP development team would like to announce the immediate availability of PHP 5.2.8. This release addresses a regression introduced by 5.2.7 in regard to the magic_quotes functionality, that was broken by an incorrect fix to the filter extension. All users who have upgraded to 5.2.7 are encouraged to upgrade to this release, alternatively you can apply a work-around for the bug by changing "filter.default_flags=0" in php.ini

Affected PHP versions (5.2.7).

Remediation

Upgrade PHP to the latest version.

References

PHP 5.2.8 Release Announcement

PHP Homepage

Related Vulnerabilities

WordPress Plugin Job Manager Cross-Site Scripting (0.7.25)

Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29518)

WordPress Plugin Qards Cross-Site Scripting (1.4.3)

Squid Other Vulnerability (CVE-2015-0881)

Severity

High

Classification

CVE-2008-2371 CVE-2008-2665 CVE-2008-2666 CVE-2008-2829 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CWE-1104 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update