CVE-2007-5899 (PHP) |
|
| BugsAlert Home > CVE-2007-5899 (PHP) | |
|
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5899 Learn more about CVE-2007-5899 (PHP) |
|
| Tags: cve-2007-5899 php | |
Related Items |
|
|
Stephen Donner: verifyAttribute help w/Selenium for AMO?
|
|
|
The Mozilla Blog: It?s time to Rock Your Firefox!
|
|
|
Luis Villa: Updating the MPL
|
|
|
Bugtraq: iDefense Security Advisory 02.01.10: Real Networks RealPlayer Compressed GIF Handling Integer Overflow
|
|
|
Fedora 10 Update: pptp-1.7.2-5.fc10
|
|
|
CVE-2008-6475 (drake_cms)
|
|
|
CVE-2008-5143 (multi-gnome-terminal)
|
|
