search for: bugref

...y enough it?s also quite common in many frameworks, projects to use prepared statements with user controlled data instead of binding them after preparation. State-Machine Graph, Test-Scripts, Traces, PoCs are available. Vendor Response: ---------------- * Patch 2012-04-19 (bug61755.diff) (see php bugref) Patch available, but still not fixed in 5.4.3 (latest) Timeline: --------- * 2012 Feb ? - Discovered in 5.3.8, verified for 5.3.0/5.3.10 and 5.4.0 * 2012 March - Responsible Disclosure via SSD/BeyondSecurity * 2012 April - Patch available 2012-04-19 * 2012 May/June - No trace of bugfix in svn for...