Main Vulnerability Database Exploits ID:11516 - Exploit for Input validation error in PHP - CVE-2004-0958

ID:11516 - Exploit for Input validation error in PHP - CVE-2004-0958

Published: June 9, 2025

Vulnerability identifier: #VU110519

Vulnerability risk: Medium

CVE-ID: CVE-2004-0958

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
PHP

Link to public exploit:

https://www.exploit-db.com/exploits/24656/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Remediation

Install update from vendor's website.

ID:11516 - Exploit for Input validation error in PHP - CVE-2004-0958

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human