Vulnerabilities > CVE-2007-3580 - Unspecified vulnerability in PHPids
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0
- http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0
- http://osvdb.org/45755
- http://osvdb.org/45755
- http://sla.ckers.org/forum/read.php?2%2C13209%2C13218
- http://sla.ckers.org/forum/read.php?2%2C13209%2C13218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35521
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35521