Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP output_add_rewrite_var函数多个安全漏洞
Vulnerability Description
PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP 5.2.5之前版本重写output_add_rewrite_var函数的局部形式的行动属性引用一个非本地的URL,远程攻击者通过阅读获得此URL的要求潜在的敏感信息,包含一个改写形式展示了本地会话ID。
CVSS Information
N/A
Vulnerability Type
N/A