CVE-2004-0958

PHP < 5.0.2 - Memory Contents Exposure via GPC Variables Ending in Open Bracket

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0958. PoCs published by Stefano Di Paola.

AI-analyzed exploit summary This exploit leverages a memory disclosure vulnerability in PHP's array parsing functions by sending a crafted URI parameter to a PHP script that prints user-supplied data. The vulnerability allows an attacker to read regions of process memory by manipulating the parsing function.

Description

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Stefano Di Paola · textremotephp

https://www.exploit-db.com/exploits/24656

View Code ZIP pw:eip

This exploit leverages a memory disclosure vulnerability in PHP's array parsing functions by sending a crafted URI parameter to a PHP script that prints user-supplied data. The vulnerability allows an attacker to read regions of process memory by manipulating the parsing function.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PHP versions 4.2.0 and subsequent

No auth needed

Prerequisites: A PHP script that prints user-supplied data (e.g., phpinfo.php or a script using print_r($_REQUEST)) · Ability to send crafted HTTP requests to the target

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →