Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP 安全漏洞
Vulnerability Description
PHP(PHP:Hypertext Preprocessor,PHP:超文本预处理器)是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发,支持多种数据库及操作系统。 PHP 5.6.28之前的版本和7.0.13之前的7.x版本中存在安全漏洞,该漏洞源于程序没有正确的处理URL解析器中的多个URI组件。攻击者可利用该漏洞绕过特殊域名的URL检测。
CVSS Information
N/A
Vulnerability Type
N/A