PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 5.1.6 |
||
php php 4.4.4 |