Vulnerabilities

CVE-2010-4700

by Fred · 18/01/2011

The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.

Date published : 2011-01-18

http://www.securityfocus.com/bid/46056

http://bugs.php.net/52221

Similar

Tags: Cybersecurity Alert