CVE-2008-7068
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file.
We have discovered 59,809 live websites that are affected by CVE-2008-7068.
Affected Software
| Product |  PHP |
| Category | Programming Languages |
| Vulnerable Domains | 59,809 live websites (0.77% of PHP install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 1 versions ( 0.20% of all versions) |
Details
- Published - Aug 25, 2009
- Updated - Aug 7, 2024
CVE References
Website Distribution by Country
Number of websites using CVE-2008-7068 United States | 5,569 websites |
 Taiwan | 16,585 websites |
 Germany | 8,689 websites |
 Korea, South | 5,633 websites |
 Hungary | 3,483 websites |
 France | 3,276 websites |
 Russia | 2,260 websites |
 Japan | 1,983 websites |
 Italy | 1,410 websites |
Website Distribution by TLD
Number of websites using CVE-2008-7068| .com | 24,177 websites |
| .de | 7,833 websites |
| .info | 3,471 websites |
| .net | 2,698 websites |
| .ru | 1,942 websites |
| .org | 1,493 websites |
| .cz | 1,078 websites |
| .fr | 949 websites |
| .it | 838 websites |
| .at | 734 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2008-7068
Top websites that are affected by CVE-2008-7068. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **********.*****.de | Germany | *,*** | |
| ***********.jp | Japan | **,*** | |
| ****.info | France | **,*** | |
| ******.com | Taiwan | **,*** | |
| *********.com | United States | **,*** | |
| *****.*****.**.kr | Korea, South | **,*** | |
| **********.com | Taiwan | **,*** | |
| ******.com | Taiwan | **,*** | |
| **.*****.**********.com | United States | **,*** | |
| *****.*******.**.kr | **,*** |
References
- http://www.securityfocus.com/archive/1/498982/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47316
- http://www.osvdb.org/52206
- http://securityreason.com/achievement_securityalert/58
- http://www.securityfocus.com/archive/1/498746/100/0/threaded
- http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1313&r2=1.2027.2.547.2.1314&
- http://www.securityfocus.com/archive/1/498981/100/0/threaded