[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2009-0754":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":53,"duplicate_of":9,"upstream":54,"downstream":55,"duplicates":64,"related":65,"reserved_at":9,"published_at":66,"modified_at":67,"state":68,"summary":69,"references_raw":76,"kevs":161,"epss":162,"epss_history":165,"metrics":434,"affected":439},"CVE-2009-0754","PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-134","Use of Externally-Controlled Format String","The product uses a function that accepts a format string as an argument, but the format string originates from an external source.","weakness","Draft","Base","High",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-135","Format String Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-67","String Format Overflow in syslog()",[],[29,38],{"_key":30,"name":31,"source":32,"url":33,"maturity":34,"reliability_score":35,"verified":36,"type":9,"platforms":37,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_BDF875136C1BDF51","Exploit Reference (bugs.php.net)","reference","http://bugs.php.net/bug.php?id=27421","unknown",0.2,false,[],{"_key":39,"name":40,"source":41,"url":42,"maturity":43,"reliability_score":44,"verified":45,"type":46,"platforms":47,"requires_auth":9,"exploitdb":49,"metasploit":9},"32769","PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service","exploit-database","https://www.exploit-db.com/exploits/32769","poc",0.8,true,"dos",[48],"php",{"verified":45,"type":46,"platform":48,"file":50,"codes":51},"exploits/php/dos/32769.php",[7,52],"OSVDB-53574",[],[],[56,58,60,62],{"_key":57},"RHSA-2009:0337",{"_key":59},"RHSA-2009:0338",{"_key":61},"RHSA-2009:0350",{"_key":63},"DSA-1789-1",[],[],"2009-03-03T16:00:00.000Z","2024-08-07T04:48:51.938Z","Modified",{"cisa_kev":36,"cisa_ransomware":36,"cisa_vendor":9,"epss_severity":70,"epss_score":71,"severity":70,"severity_score":72,"severity_version":73,"severity_source":74,"severity_vector":75,"severity_status":68},"low",0.00216,2.1,"v2.0","nvd","AV:L/AC:L/Au:N/C:N/I:P/A:N",[77,84,90,96,101,107,113,117,121,125,129,134,139,143,147,151,156],{"url":78,"sources":79,"tags":81},"http://www.securitytracker.com/id?1021979",[80,74],"cve.org",[82,83],"VDB Entry","X Refsource SECTRACK",{"url":85,"sources":86,"tags":87},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035",[80,74],[82,88,89],"Signature","X Refsource OVAL",{"url":33,"sources":91,"tags":92},[80,74],[93,94,95],"X Refsource CONFIRM","Exploit","Vendor Advisory",{"url":97,"sources":98,"tags":99},"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html",[80,74],[95,100],"X Refsource FEDORA",{"url":102,"sources":103,"tags":104},"http://secunia.com/advisories/34642",[80,74],[105,106],"Third Party Advisory","X Refsource SECUNIA",{"url":108,"sources":109,"tags":110},"http://www.openwall.com/lists/oss-security/2009/01/30/1",[80,74],[111,112],"Mailing List","X Refsource MLIST",{"url":114,"sources":115,"tags":116},"http://www.openwall.com/lists/oss-security/2009/02/25/3",[80,74],[111,112],{"url":118,"sources":119,"tags":120},"http://secunia.com/advisories/35007",[80,74],[105,106],{"url":122,"sources":123,"tags":124},"http://www.openwall.com/lists/oss-security/2009/02/03/3",[80,74],[111,112],{"url":126,"sources":127,"tags":128},"http://secunia.com/advisories/34830",[80,74],[105,106],{"url":130,"sources":131,"tags":132},"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html",[80,74],[95,133],"X Refsource SUSE",{"url":135,"sources":136,"tags":137},"http://www.redhat.com/support/errata/RHSA-2009-0350.html",[80,74],[95,138],"X Refsource REDHAT",{"url":140,"sources":141,"tags":142},"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html",[80,74],[95,100],{"url":144,"sources":145,"tags":146},"http://secunia.com/advisories/35003",[80,74],[105,106],{"url":148,"sources":149,"tags":150},"http://secunia.com/advisories/35306",[80,74],[105,106],{"url":152,"sources":153,"tags":154},"https://usn.ubuntu.com/761-1/",[80,74],[95,155],"X Refsource UBUNTU",{"url":157,"sources":158,"tags":159},"http://www.debian.org/security/2009/dsa-1789",[80,74],[95,160],"X Refsource DEBIAN",[],{"date":163,"score":71,"percentile":164},"2026-06-04",0.44174,[166,170,173,176,179,182,185,188,191,194,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,250,253,256,259,262,265,268,271,274,277,280,283,285,288,291,294,297,300,303,306,309,312,315,317,320,323,327,330,332,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,428,431],{"date":167,"score":168,"percentile":169},"2025-11-04",0.00212,0.43818,{"date":171,"score":168,"percentile":172},"2025-11-05",0.43815,{"date":174,"score":168,"percentile":175},"2025-11-06",0.43826,{"date":177,"score":168,"percentile":178},"2025-11-07",0.43853,{"date":180,"score":168,"percentile":181},"2025-11-08",0.43852,{"date":183,"score":168,"percentile":184},"2025-11-09",0.43829,{"date":186,"score":168,"percentile":187},"2025-11-10",0.4379,{"date":189,"score":168,"percentile":190},"2025-11-11",0.43808,{"date":192,"score":168,"percentile":193},"2025-11-12",0.43844,{"date":195,"score":168,"percentile":196},"2025-11-13",0.43856,{"date":198,"score":168,"percentile":199},"2025-11-14",0.43868,{"date":201,"score":168,"percentile":202},"2025-11-15",0.43862,{"date":204,"score":168,"percentile":205},"2025-11-16",0.43846,{"date":207,"score":168,"percentile":208},"2025-11-17",0.43817,{"date":210,"score":168,"percentile":211},"2025-11-18",0.39703,{"date":213,"score":168,"percentile":214},"2025-11-19",0.39711,{"date":216,"score":168,"percentile":217},"2025-11-20",0.39713,{"date":219,"score":168,"percentile":220},"2025-11-21",0.43802,{"date":222,"score":168,"percentile":223},"2025-11-22",0.43799,{"date":225,"score":168,"percentile":226},"2025-11-23",0.43778,{"date":228,"score":168,"percentile":229},"2025-11-24",0.43771,{"date":231,"score":168,"percentile":232},"2025-11-25",0.43782,{"date":234,"score":168,"percentile":235},"2025-11-26",0.4378,{"date":237,"score":168,"percentile":238},"2025-11-27",0.43787,{"date":240,"score":168,"percentile":241},"2025-11-28",0.43755,{"date":243,"score":168,"percentile":244},"2025-11-29",0.43736,{"date":246,"score":168,"percentile":247},"2025-11-30",0.43715,{"date":249,"score":168,"percentile":181},"2025-12-01",{"date":251,"score":168,"percentile":252},"2025-12-02",0.43866,{"date":254,"score":168,"percentile":255},"2025-12-03",0.43864,{"date":257,"score":168,"percentile":258},"2025-12-04",0.43721,{"date":260,"score":168,"percentile":261},"2025-12-05",0.43745,{"date":263,"score":168,"percentile":264},"2025-12-06",0.43739,{"date":266,"score":168,"percentile":267},"2025-12-07",0.43723,{"date":269,"score":168,"percentile":270},"2025-12-08",0.43727,{"date":272,"score":168,"percentile":273},"2025-12-09",0.43762,{"date":275,"score":168,"percentile":276},"2025-12-10",0.4383,{"date":278,"score":168,"percentile":279},"2025-12-11",0.43859,{"date":281,"score":168,"percentile":282},"2025-12-12",0.43886,{"date":284,"score":168,"percentile":252},"2025-12-13",{"date":286,"score":168,"percentile":287},"2025-12-14",0.43834,{"date":289,"score":168,"percentile":290},"2025-12-15",0.43816,{"date":292,"score":168,"percentile":293},"2025-12-16",0.43839,{"date":295,"score":168,"percentile":296},"2025-12-17",0.4388,{"date":298,"score":168,"percentile":299},"2025-12-18",0.4392,{"date":301,"score":168,"percentile":302},"2025-12-19",0.43939,{"date":304,"score":168,"percentile":305},"2025-12-20",0.43916,{"date":307,"score":168,"percentile":308},"2025-12-21",0.43879,{"date":310,"score":168,"percentile":311},"2025-12-22",0.43855,{"date":313,"score":168,"percentile":314},"2025-12-23",0.4385,{"date":316,"score":168,"percentile":255},"2025-12-24",{"date":318,"score":168,"percentile":319},"2025-12-25",0.43915,{"date":321,"score":168,"percentile":322},"2025-12-26",0.43895,{"date":324,"score":325,"percentile":326},"2025-12-27",0.00271,0.50344,{"date":328,"score":168,"percentile":329},"2025-12-28",0.4382,{"date":331,"score":168,"percentile":220},"2025-12-29",{"date":333,"score":334,"percentile":335},"2025-12-30",0.00158,0.3713,{"date":337,"score":334,"percentile":338},"2025-12-31",0.37192,{"date":340,"score":334,"percentile":341},"2026-01-01",0.37341,{"date":343,"score":334,"percentile":344},"2026-01-02",0.37313,{"date":346,"score":334,"percentile":347},"2026-01-03",0.37302,{"date":349,"score":334,"percentile":350},"2026-01-04",0.37139,{"date":352,"score":334,"percentile":353},"2026-01-05",0.3712,{"date":355,"score":334,"percentile":356},"2026-01-06",0.37126,{"date":358,"score":334,"percentile":359},"2026-01-07",0.37154,{"date":361,"score":334,"percentile":362},"2026-01-08",0.3718,{"date":364,"score":334,"percentile":365},"2026-01-09",0.37173,{"date":367,"score":334,"percentile":368},"2026-01-10",0.37176,{"date":370,"score":334,"percentile":371},"2026-01-11",0.37151,{"date":373,"score":334,"percentile":374},"2026-01-12",0.37103,{"date":376,"score":334,"percentile":377},"2026-01-13",0.37079,{"date":379,"score":334,"percentile":380},"2026-01-14",0.37128,{"date":382,"score":334,"percentile":383},"2026-01-15",0.37116,{"date":385,"score":334,"percentile":386},"2026-01-16",0.37138,{"date":388,"score":334,"percentile":389},"2026-01-17",0.37115,{"date":391,"score":334,"percentile":392},"2026-01-18",0.37059,{"date":394,"score":334,"percentile":395},"2026-01-19",0.37006,{"date":397,"score":334,"percentile":398},"2026-01-20",0.36986,{"date":400,"score":334,"percentile":401},"2026-01-21",0.36963,{"date":403,"score":334,"percentile":404},"2026-01-22",0.36946,{"date":406,"score":334,"percentile":407},"2026-01-23",0.37007,{"date":409,"score":334,"percentile":410},"2026-01-24",0.37012,{"date":412,"score":334,"percentile":413},"2026-01-25",0.36953,{"date":415,"score":334,"percentile":416},"2026-01-26",0.36884,{"date":418,"score":334,"percentile":419},"2026-01-27",0.3688,{"date":421,"score":334,"percentile":422},"2026-01-28",0.36868,{"date":424,"score":334,"percentile":425},"2026-01-29",0.3684,{"date":427,"score":334,"percentile":425},"2026-01-30",{"date":429,"score":334,"percentile":430},"2026-01-31",0.36842,{"date":432,"score":334,"percentile":433},"2026-02-01",0.36945,[435],{"source":74,"cvss_v2_0":436,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":72,"baseSeverity":9,"vectorString":75,"impactScore":437,"exploitabilityScore":438},2.9,3.9,[440],{"ecosystem":9,"name":441,"vendor":9,"product":441,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":442},"PHP",[443,446],{"version":444,"is_range":36,"range_type":445,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.4","cpe",{"version":447,"is_range":36,"range_type":445,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.6"]