Back to search
CVE-2008-5814
Published: Jan 2, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
JVN#50327700
third-party-advisory
x_refsource_JVN
HPSBMA02426
vendor-advisory
x_refsource_HP
JVNDB-2008-000084
third-party-advisory
x_refsource_JVNDB
HPSBMA02492
vendor-advisory
x_refsource_HP
35007
third-party-advisory
x_refsource_SECUNIA
34933
third-party-advisory
x_refsource_SECUNIA
34830
third-party-advisory
x_refsource_SECUNIA
USN-761-2
vendor-advisory
x_refsource_UBUNTU
35108
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:0350
vendor-advisory
x_refsource_REDHAT
35003
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10501
vdb-entry
signature
x_refsource_OVAL
php-directives-xss(47496)
vdb-entry
x_refsource_XF
ADV-2009-1338
vdb-entry
x_refsource_VUPEN
SSRT090053
vendor-advisory
x_refsource_HP
SSRT100079
vendor-advisory
x_refsource_HP
USN-761-1
vendor-advisory
x_refsource_UBUNTU
DSA-1789
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now