PHP <= 5.2.11 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

PHP <5.2.12 htmlspecialcharacters()畸形多字节字符跨站脚本攻击漏洞

No description provided by source...

PHP 'htmlspecialcharacters()'畸形多字节字符跨站脚本漏洞

Bugraq ID: 37389 CVE ID：CVE-2009-4142 PHP是一款流行的网络编程语言。 htmlspecialchars函数不严格检查多字节序列，远程攻击者可以利用漏洞进行跨站脚本攻击。 PHP PHP 5.2.11 PHP PHP 5.2.10 PHP PHP 5.2.9 PHP PHP 5.2.8 PHP PHP 5.2.7 PHP PHP 5.2.6 PHP PHP 5.2.5 PHP PHP 5.2.4 PHP PHP 5.2.3 PHP PHP 5.2.2 PHP PHP 5.2.1 PHP PHP 5.2 PHP...