Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP,Hardened-PHP,Subhosin parse_str函数 远程攻击漏洞
Vulnerability Description
PHP、Hardened-PHP、Subhosin的parse_str函数中存在远程攻击漏洞。远程攻击漏洞当在不带有第二个参数的情况下被调用时,(1)PHP;(2)Hardened-PHP和(3)Subhosin中的parse_str函数可能允许远程攻击者通过详细说明被解析的字符串中的名字和值,重写任意变量。
CVSS Information
N/A
Vulnerability Type
N/A