Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2010-1868 - Vulnerability Database
PHP

PHP Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2010-1868

High
Reference: CVE-2010-1868
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-1868
Title: PHP Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query which triggers access of uninitialized memory.