Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2007-3799

🗓️ 16 Jul 2007 22:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 108 Views

PHP session_start function in 4.x and 5.x allows remote attackers to insert arbitrary attributes into the session cookie

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Tenable Nessus		CentOS 3 : php (CESA-2007:0889)
3 Oct 200700:00
nessus
Tenable Nessus		CentOS 4 / 5 : php (CESA-2007:0890)
24 Sep 200700:00
nessus
Tenable Nessus		Debian DSA-1444-2 : php5 - several vulnerabilities
4 Jan 200800:00
nessus
Tenable Nessus		Debian DSA-1578-1 : php4 - several vulnerabilities
19 May 200800:00
nessus
Tenable Nessus		F5 Networks BIG-IP : Multiple PHP vulnerabilities (K13519)
10 Oct 201400:00
nessus
Tenable Nessus		Fedora Core 6 : php-5.1.6-3.7.fc6 (2007-709)
25 Sep 200700:00
nessus
Tenable Nessus		Mac OS X Multiple Vulnerabilities (Security Update 2008-002)
19 Mar 200800:00
nessus
Tenable Nessus		Mandrake Linux Security Advisory : php (MDKSA-2007:187)
24 Sep 200700:00
nessus
Tenable Nessus		Oracle Linux 3 : php (ELSA-2007-0889)
12 Jul 201300:00
nessus
Tenable Nessus		Oracle Linux 5 : Moderate: / php (ELSA-2007-0890)
12 Jul 201300:00
nessus
Rows per page
NVD
Node
phpphpMatch4.0beta_4_patch1
OR
phpphpMatch4.0beta1
OR
phpphpMatch4.0beta2
OR
phpphpMatch4.0beta3
OR
phpphpMatch4.0beta4
OR
phpphpMatch4.0.0
OR
phpphpMatch4.0.1
OR
phpphpMatch4.0.2
OR
phpphpMatch4.0.3
OR
phpphpMatch4.0.4
OR
phpphpMatch4.0.5
OR
phpphpMatch4.0.6
OR
phpphpMatch4.0.7
OR
phpphpMatch4.1.0
OR
phpphpMatch4.1.1
OR
phpphpMatch4.1.2
OR
phpphpMatch4.2.0
OR
phpphpMatch4.2.1
OR
phpphpMatch4.2.2
OR
phpphpMatch4.2.3
OR
phpphpMatch4.3.0
OR
phpphpMatch4.3.1
OR
phpphpMatch4.3.2
OR
phpphpMatch4.3.3
OR
phpphpMatch4.3.4
OR
phpphpMatch4.3.5
OR
phpphpMatch4.3.6
OR
phpphpMatch4.3.7
OR
phpphpMatch4.3.8
OR
phpphpMatch4.3.9
OR
phpphpMatch4.3.10
OR
phpphpMatch4.3.11
OR
phpphpMatch4.4.0
OR
phpphpMatch4.4.1
OR
phpphpMatch4.4.2
OR
phpphpMatch4.4.3
OR
phpphpMatch4.4.4
OR
phpphpMatch4.4.5
OR
phpphpMatch4.4.6
OR
phpphpMatch4.4.7
Node
phpphpMatch5.0.0
OR
phpphpMatch5.0.0beta1
OR
phpphpMatch5.0.0beta2
OR
phpphpMatch5.0.0beta3
OR
phpphpMatch5.0.0beta4
OR
phpphpMatch5.0.0rc1
OR
phpphpMatch5.0.0rc2
OR
phpphpMatch5.0.0rc3
OR
phpphpMatch5.0.1
OR
phpphpMatch5.0.2
OR
phpphpMatch5.0.3
OR
phpphpMatch5.0.4
OR
phpphpMatch5.0.5
OR
phpphpMatch5.1.0
OR
phpphpMatch5.1.1
OR
phpphpMatch5.1.2
OR
phpphpMatch5.1.3
OR
phpphpMatch5.1.4
OR
phpphpMatch5.1.5
OR
phpphpMatch5.1.6
OR
phpphpMatch5.2.0
OR
phpphpMatch5.2.1
OR
phpphpMatch5.2.2
OR
phpphpMatch5.2.3
OR
phpphpMatch5.2.10
OR
phpphpMatch5.2.11
OR
phpphpMatch5.2.12
OR
phpphpMatch5.2.13
OR
phpphpMatch5.2.14

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
23 Apr 2026 00:35Current
7.7High risk
Vulners AI Score7.7
CVSS 24.3
EPSS0.09249
CWE-20
phpsession_startcve-2007-3799vulnerabilitysecurityremote attackers
108