1. Home
  2. CVEs with statements.statement==This is not a security issue. A user with read and write access to a file can reasonably be expected to manipulate the contents of the file, including truncating it. Instead of using dba_replace(), a user could simply fopen() the file in write mode, which provides the same end-result.
Max CVSS 6.4 Min CVSS 6.4 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-7068 6.4
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can
30-10-2018 - 16:26 25-08-2009 - 10:30
Back to Top Mark selected
Back to Top