The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 has a vulnerability allowing context-dependent attackers to modify arbitrary session variables
Reporter | Title | Published | Views | Family All 50 |
---|---|---|---|---|
Check Point Advisories | PhpMyAdmin ENV Superglobal Remote Variable Manipulation (CVE-2010-3065) | 14 Sep 201400:00 | – | checkpoint_advisories |
Check Point Advisories | PHP Session Serializer Session Data Injection (CVE-2010-3065) | 20 Oct 201300:00 | – | checkpoint_advisories |
NVD | CVE-2010-3065 | 20 Aug 201020:00 | – | nvd |
Cvelist | CVE-2010-3065 | 20 Aug 201019:00 | – | cvelist |
Prion | Default configuration | 20 Aug 201020:00 | – | prion |
CVE | CVE-2010-3065 | 20 Aug 201020:00 | – | cve |
Veracode | Authorization Bypass | 10 Apr 202000:53 | – | veracode |
The Hacker News | Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers | 9 Sep 201317:45 | – | thn |
The Hacker News | Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers | 9 Sep 201306:45 | – | thn |
ThreatPost | Call for Ban on Vulnerable PHP SuperGlobal Variables | 9 Sep 201314:54 | – | threatpost |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo