CVE-2007-4652

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

We have discovered 129,084 live websites that are affected by CVE-2007-4652.

Test my site



Affected Software

Product  PHP
Category Programming Languages
Vulnerable Domains129,084 live websites (1.48% of PHP install base)
Vulnerable Versions
  • from 0 before 5.2.4
Vulnerable Versions Count69 versions ( 12.61% of all versions)



Details

  • Published - Sep 5, 2007
  • Updated - Aug 7, 2024

CVE-2007-4652 usage by Country

United States9,328 websites


Taiwan80,884 websites
France6,114 websites
Germany5,328 websites
Korea, South4,554 websites
Japan4,323 websites
Russia2,823 websites
Czech Republic1,058 websites
Austria995 websites

CVE-2007-4652 usage by TLD

.com83,407 websites
.info4,732 websites
.de4,202 websites
.net3,910 websites
.ru2,506 websites
.org2,133 websites
.fr1,618 websites
.jp1,453 websites
.cz919 websites
.ch797 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2007-4652

Top websites that are affected by CVE-2007-4652. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*****.***.tw Taiwan*,***
**********.*****.de Germany*,***
***********.jp Japan**,***
****.info France**,***
******.com Taiwan**,***
*********.com United States**,***
******.com Taiwan**,***
****.com Taiwan**,***
*****.com Taiwan**,***
******.com Taiwan**,***
See full domain list

FAQ

A total of 129,084 websites have been identified as vulnerable to CVE-2007-4652, discovered through global website indexing conducted by WebTechSurvey.
PHP is susceptible to CVE-2007-4652 vulnerability.
PHP versions before 5.2.4 are vulnerable to CVE-2007-4652.
Version 5.2.4 of PHP addresses the CVE-2007-4652 security vulnerability.