Security Advisory

CVE-2015-6527

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-01-19 02:00:00

Last updated 2024-08-06 07:22:22

Assigner mitre

State PUBLISHED

Description

The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function.

← Browse all CVEs View on cve.org ↗