[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2007-4782":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":62,"aliases":72,"duplicate_of":9,"upstream":73,"downstream":74,"duplicates":83,"related":84,"reserved_at":9,"published_at":85,"modified_at":86,"state":87,"summary":88,"references_raw":96,"kevs":207,"epss":208,"epss_history":211,"metrics":464,"affected":469},"CVE-2007-4782","PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a \"*[1]e\" value.  NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-94","Improper Control of Generation of Code ('Code Injection')","The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.","weakness","Draft","Base","Medium",[20,24,58],{"id":21,"name":22,"techniques":23},"CAPEC-242","Code Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[28,39,46],{"id":29,"name":30,"tactics":31,"countermeasures":38},"T1027.006","HTML Smuggling",[32,35],{"id":33,"name":34},"TA0030","Defense Evasion",{"id":36,"name":37},"TA0005","Stealth",[],{"id":40,"name":41,"tactics":42,"countermeasures":45},"T1027.009","Embedded Payloads",[43,44],{"id":33,"name":34},{"id":36,"name":37},[],{"id":47,"name":48,"tactics":49,"countermeasures":52},"T1564.009","Resource Forking",[50,51],{"id":33,"name":34},{"id":36,"name":37},[53],{"id":54,"name":55,"tactic":56},"D3-FFV","File Format Verification",{"name":57},"Isolate",{"id":59,"name":60,"techniques":61},"CAPEC-77","Manipulating User-Controlled Variables",[],[63],{"_key":64,"name":65,"source":66,"url":67,"maturity":68,"reliability_score":69,"verified":70,"type":9,"platforms":71,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_6710709D2ADAAAE1","Exploit Reference (securityfocus.com)","reference","http://www.securityfocus.com/archive/1/478726/100/0/threaded","unknown",0.2,false,[],[],[],[75,77,79,81],{"_key":76},"RHSA-2008:0505",{"_key":78},"RHSA-2008:0544",{"_key":80},"RHSA-2008:0545",{"_key":82},"RHSA-2008:0582",[],[],"2007-09-10T21:00:00.000Z","2024-08-07T15:08:33.858Z","Modified",{"cisa_kev":70,"cisa_ransomware":70,"cisa_vendor":9,"epss_severity":89,"epss_score":90,"severity":91,"severity_score":92,"severity_version":93,"severity_source":94,"severity_vector":95,"severity_status":87},"low",0.02911,"medium",5,"v2.0","nvd","AV:N/AC:L/Au:N/C:N/I:N/A:P",[97,104,109,115,119,124,129,134,140,144,148,153,157,163,167,173,177,182,186,190,194,198,203],{"url":98,"sources":99,"tags":101},"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html",[100,94],"cve.org",[102,103],"Vendor Advisory","X Refsource FEDORA",{"url":105,"sources":106,"tags":107},"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html",[100,94],[102,108],"X Refsource SUSE",{"url":110,"sources":111,"tags":112},"http://secunia.com/advisories/28658",[100,94],[113,114],"Third Party Advisory","X Refsource SECUNIA",{"url":116,"sources":117,"tags":118},"http://secunia.com/advisories/30828",[100,94],[113,114],{"url":120,"sources":121,"tags":122},"http://www.redhat.com/support/errata/RHSA-2008-0582.html",[100,94],[102,123],"X Refsource REDHAT",{"url":125,"sources":126,"tags":127},"http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml",[100,94],[102,128],"X Refsource GENTOO",{"url":130,"sources":131,"tags":132},"http://www.ubuntu.com/usn/usn-628-1",[100,94],[102,133],"X Refsource UBUNTU",{"url":135,"sources":136,"tags":137},"http://www.securityfocus.com/archive/1/478626/100/0/threaded",[100,94],[138,139],"Mailing List","X Refsource BUGTRAQ",{"url":141,"sources":142,"tags":143},"http://www.redhat.com/support/errata/RHSA-2008-0545.html",[100,94],[102,123],{"url":145,"sources":146,"tags":147},"http://secunia.com/advisories/31119",[100,94],[113,114],{"url":149,"sources":150,"tags":151},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:023",[100,94],[102,152],"X Refsource MANDRIVA",{"url":154,"sources":155,"tags":156},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:022",[100,94],[102,152],{"url":158,"sources":159,"tags":160},"https://exchange.xforce.ibmcloud.com/vulnerabilities/36457",[100,94],[161,162],"VDB Entry","X Refsource XF",{"url":164,"sources":165,"tags":166},"http://secunia.com/advisories/31200",[100,94],[113,114],{"url":168,"sources":169,"tags":170},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10897",[100,94],[161,171,172],"Signature","X Refsource OVAL",{"url":174,"sources":175,"tags":176},"http://www.redhat.com/support/errata/RHSA-2008-0544.html",[100,94],[102,123],{"url":178,"sources":179,"tags":180},"http://osvdb.org/38686",[100,94],[161,181],"X Refsource OSVDB",{"url":183,"sources":184,"tags":185},"https://exchange.xforce.ibmcloud.com/vulnerabilities/36461",[100,94],[161,162],{"url":187,"sources":188,"tags":189},"http://secunia.com/advisories/27102",[100,94],[113,114],{"url":191,"sources":192,"tags":193},"http://www.securityfocus.com/archive/1/478630/100/0/threaded",[100,94],[138,139],{"url":195,"sources":196,"tags":197},"http://www.redhat.com/support/errata/RHSA-2008-0505.html",[100,94],[102,123],{"url":199,"sources":200,"tags":201},"http://securityreason.com/securityalert/3109",[100,94],[113,202],"X Refsource SREASON",{"url":67,"sources":204,"tags":205},[100,94],[138,139,206],"Exploit",[],{"date":209,"score":90,"percentile":210},"2026-06-04",0.86634,[212,216,219,222,225,228,231,234,237,239,242,245,248,250,252,255,258,261,264,267,270,272,276,279,281,284,287,290,293,296,299,302,305,307,310,312,314,317,320,323,325,327,330,333,335,338,341,343,346,349,352,355,358,361,365,368,371,373,376,379,382,385,388,391,393,396,399,401,403,406,408,410,412,415,419,422,425,428,431,433,435,438,441,444,447,450,452,455,458,461],{"date":213,"score":214,"percentile":215},"2025-11-04",0.03843,0.87676,{"date":217,"score":214,"percentile":218},"2025-11-05",0.87678,{"date":220,"score":214,"percentile":221},"2025-11-06",0.87667,{"date":223,"score":214,"percentile":224},"2025-11-07",0.87672,{"date":226,"score":214,"percentile":227},"2025-11-08",0.87675,{"date":229,"score":214,"percentile":230},"2025-11-09",0.87669,{"date":232,"score":214,"percentile":233},"2025-11-10",0.87668,{"date":235,"score":214,"percentile":236},"2025-11-11",0.87673,{"date":238,"score":214,"percentile":218},"2025-11-12",{"date":240,"score":214,"percentile":241},"2025-11-13",0.87684,{"date":243,"score":214,"percentile":244},"2025-11-14",0.87687,{"date":246,"score":214,"percentile":247},"2025-11-15",0.87682,{"date":249,"score":214,"percentile":244},"2025-11-16",{"date":251,"score":214,"percentile":241},"2025-11-17",{"date":253,"score":214,"percentile":254},"2025-11-18",0.87057,{"date":256,"score":214,"percentile":257},"2025-11-19",0.8706,{"date":259,"score":214,"percentile":260},"2025-11-20",0.87063,{"date":262,"score":214,"percentile":263},"2025-11-21",0.87701,{"date":265,"score":214,"percentile":266},"2025-11-22",0.87697,{"date":268,"score":214,"percentile":269},"2025-11-23",0.87694,{"date":271,"score":214,"percentile":269},"2025-11-24",{"date":273,"score":274,"percentile":275},"2025-11-25",0.03798,0.87603,{"date":277,"score":274,"percentile":278},"2025-11-26",0.87602,{"date":280,"score":274,"percentile":275},"2025-11-27",{"date":282,"score":274,"percentile":283},"2025-11-28",0.87589,{"date":285,"score":274,"percentile":286},"2025-11-29",0.87663,{"date":288,"score":274,"percentile":289},"2025-11-30",0.87664,{"date":291,"score":274,"percentile":292},"2025-12-01",0.87727,{"date":294,"score":274,"percentile":295},"2025-12-02",0.87729,{"date":297,"score":274,"percentile":298},"2025-12-03",0.87728,{"date":300,"score":274,"percentile":301},"2025-12-04",0.87662,{"date":303,"score":274,"percentile":304},"2025-12-05",0.87666,{"date":306,"score":274,"percentile":289},"2025-12-06",{"date":308,"score":274,"percentile":309},"2025-12-07",0.87661,{"date":311,"score":274,"percentile":301},"2025-12-08",{"date":313,"score":274,"percentile":227},"2025-12-09",{"date":315,"score":274,"percentile":316},"2025-12-10",0.8769,{"date":318,"score":274,"percentile":319},"2025-12-11",0.87695,{"date":321,"score":274,"percentile":322},"2025-12-12",0.87699,{"date":324,"score":274,"percentile":322},"2025-12-13",{"date":326,"score":274,"percentile":319},"2025-12-14",{"date":328,"score":274,"percentile":329},"2025-12-15",0.87692,{"date":331,"score":274,"percentile":332},"2025-12-16",0.87698,{"date":334,"score":274,"percentile":263},"2025-12-17",{"date":336,"score":274,"percentile":337},"2025-12-18",0.87709,{"date":339,"score":274,"percentile":340},"2025-12-19",0.87711,{"date":342,"score":274,"percentile":337},"2025-12-20",{"date":344,"score":274,"percentile":345},"2025-12-21",0.87714,{"date":347,"score":274,"percentile":348},"2025-12-22",0.87715,{"date":350,"score":274,"percentile":351},"2025-12-23",0.87719,{"date":353,"score":274,"percentile":354},"2025-12-24",0.87724,{"date":356,"score":274,"percentile":357},"2025-12-25",0.87736,{"date":359,"score":274,"percentile":360},"2025-12-26",0.87734,{"date":362,"score":363,"percentile":364},"2025-12-27",0.02437,0.84798,{"date":366,"score":274,"percentile":367},"2025-12-28",0.87722,{"date":369,"score":274,"percentile":370},"2025-12-29",0.87716,{"date":372,"score":274,"percentile":292},"2025-12-30",{"date":374,"score":274,"percentile":375},"2025-12-31",0.8774,{"date":377,"score":274,"percentile":378},"2026-01-01",0.87798,{"date":380,"score":274,"percentile":381},"2026-01-02",0.87793,{"date":383,"score":274,"percentile":384},"2026-01-03",0.87792,{"date":386,"score":274,"percentile":387},"2026-01-04",0.8773,{"date":389,"score":274,"percentile":390},"2026-01-05",0.87725,{"date":392,"score":274,"percentile":295},"2026-01-06",{"date":394,"score":274,"percentile":395},"2026-01-07",0.87732,{"date":397,"score":274,"percentile":398},"2026-01-08",0.87738,{"date":400,"score":274,"percentile":398},"2026-01-09",{"date":402,"score":274,"percentile":398},"2026-01-10",{"date":404,"score":274,"percentile":405},"2026-01-11",0.87731,{"date":407,"score":274,"percentile":298},"2026-01-12",{"date":409,"score":274,"percentile":292},"2026-01-13",{"date":411,"score":274,"percentile":375},"2026-01-14",{"date":413,"score":274,"percentile":414},"2026-01-15",0.87742,{"date":416,"score":417,"percentile":418},"2026-01-16",0.03282,0.86826,{"date":420,"score":417,"percentile":421},"2026-01-17",0.86829,{"date":423,"score":417,"percentile":424},"2026-01-18",0.8683,{"date":426,"score":417,"percentile":427},"2026-01-19",0.86824,{"date":429,"score":417,"percentile":430},"2026-01-20",0.86819,{"date":432,"score":417,"percentile":427},"2026-01-21",{"date":434,"score":417,"percentile":421},"2026-01-22",{"date":436,"score":417,"percentile":437},"2026-01-23",0.86844,{"date":439,"score":417,"percentile":440},"2026-01-24",0.8685,{"date":442,"score":417,"percentile":443},"2026-01-25",0.86845,{"date":445,"score":417,"percentile":446},"2026-01-26",0.86841,{"date":448,"score":417,"percentile":449},"2026-01-27",0.86842,{"date":451,"score":417,"percentile":443},"2026-01-28",{"date":453,"score":417,"percentile":454},"2026-01-29",0.86847,{"date":456,"score":417,"percentile":457},"2026-01-30",0.86846,{"date":459,"score":417,"percentile":460},"2026-01-31",0.86848,{"date":462,"score":417,"percentile":463},"2026-02-01",0.86915,[465],{"source":94,"cvss_v2_0":466,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":92,"baseSeverity":9,"vectorString":95,"impactScore":467,"exploitabilityScore":468},2.9,10,[470],{"ecosystem":9,"name":471,"vendor":9,"product":471,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":472},"PHP",[473],{"version":474,"is_range":475,"range_type":476,"version_start":9,"version_start_type":9,"version_end":477,"version_end_type":478,"fixed_in":9},"lte5.2.3",true,"cpe","5.2.3","including"]