Vulnerabilities > CVE-2007-3578 - Unspecified vulnerability in PHPids

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phpids

NVD

Published: 2007-07-05

Updated: 2024-11-21

Summary

PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script.

Vulnerable Configurations

Part	Description	Count
Application	Phpids Phpids Phpids *	1

References

http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0
http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0
http://osvdb.org/45757
http://osvdb.org/45757
http://osvdb.org/45758
http://osvdb.org/45758
http://sla.ckers.org/forum/read.php?2%2C13209%2C13218
http://sla.ckers.org/forum/read.php?2%2C13209%2C13218
https://exchange.xforce.ibmcloud.com/vulnerabilities/35519
https://exchange.xforce.ibmcloud.com/vulnerabilities/35519