Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

PHP 5.x < 5.2.8 magic_quotes_gpc Security Bypass

High

Synopsis

The remote web server uses a version of PHP that is affected by a security bypass weakness.

Description

According to its banner, the version of PHP installed on the remote host is 5.2.7. This version introduced a regression with regard to 'magic_quotes' functionality due to an incorrect fix to the filter extension. As a result, the 'magic_quotes_gpc' setting remains off even if it is set to on.

Solution

Upgrade to version 5.2.8 or higher.