Security Advisory: PHP Trans SID XSS (Was: New php release with security fixes) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Related information
  Multiple PHP bugs
  MOPB-08-2007:PHP 4 phpinfo() XSS Vulnerability (Deja-vu)
  PHP XSS exploit in phpinfo()
  PHP 4.3.2 released
  ISS Brief: Remote Compromise and Denial of Service Vulnerability in PHP

From: Sverre H. Huseby <shh_(at)_THATHOST.COM>
Date: 02.06.2003
Subject: PHP Trans SID XSS (Was: New php release with security fixes)

It also fixes the following, which wasn't mentioned in the summary (or
elsewhere, as far as I can see):

"Cross-site Scripting in PHP's Transparent Session ID Support"
  http://shh.thathost.com/secadv/2003-05-11-php.txt

Sverre.

--
shh@thathost.com
http://shh.thathost.com/

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin