PHP 'do_soap_call' Sensitive Information Disclosure Vulnerability
PHP is a general-purpose programming language. The 'dosoapcall' function in PHP's ext/soap/soap.c file does not verify that the uri attribute is a string, allowing remote attackers to provide serialized data with the int data type to obtain sensitive information...