CVE-2007-1287 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2007-1287

A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote attackers to conduct cross-site scripting (XSS) attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3388.

Published: Mar 6, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-1287
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
php / php	4.4.4	4.4.4.x
php / php	6.0	6.0.x
php / php	4.4.5	4.4.5.x
php / php	4.4.6	4.4.6.x