Количество 12
Количество 12
CVE-2016-7125
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
CVE-2016-7125
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
CVE-2016-7125
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
CVE-2016-7125
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips ...
GHSA-r949-99vg-366c
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
BDU:2022-02403
Уязвимость компонента ext/session/session.c интерпретатора языка программирования PHP, позволяющая нарушителю изменять данные сеанса пользователя
SUSE-SU-2016:2459-1
Security update for php53
SUSE-SU-2016:2328-1
Security update for php53
openSUSE-SU-2016:2451-1
Security update for php5
SUSE-SU-2016:2408-1
Security update for php5
SUSE-SU-2016:2460-2
Security update for php7
SUSE-SU-2016:2460-1
Security update for php7
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-7125 ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
 | CVE-2016-7125 ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
 | CVE-2016-7125 ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
| CVE-2016-7125 ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips ... | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
| GHSA-r949-99vg-366c ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | BDU:2022-02403 Уязвимость компонента ext/session/session.c интерпретатора языка программирования PHP, позволяющая нарушителю изменять данные сеанса пользователя | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
 | SUSE-SU-2016:2459-1 Security update for php53 | около 9 лет назад | ||
| SUSE-SU-2016:2328-1 Security update for php53 | около 9 лет назад | ||
| openSUSE-SU-2016:2451-1 Security update for php5 | около 9 лет назад | ||
| SUSE-SU-2016:2408-1 Security update for php5 | около 9 лет назад | ||
| SUSE-SU-2016:2460-2 Security update for php7 | около 9 лет назад | ||
| SUSE-SU-2016:2460-1 Security update for php7 | около 9 лет назад |
Уязвимостей на страницу