VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
epss	0.10111	https://api.first.org/data/v1/epss?cve=CVE-2010-4156
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2010-4156

System

Score

Found at

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

epss

0.10111

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

cvssv2

5.0

https://nvd.nist.gov/vuln/detail/CVE-2010-4156

Reference id

Reference type

URL

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html

http://marc.info/?l=bugtraq&m=130331363227777&w=2

http://pastie.org/1279428

http://pastie.org/1279682

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4156.json

https://api.first.org/data/v1/epss?cve=CVE-2010-4156

http://secunia.com/advisories/42135

http://secunia.com/advisories/42812

http://secunia.com/advisories/43189

http://www.mandriva.com/security/advisories?name=MDVSA-2010:225

http://www.openwall.com/lists/oss-security/2010/11/07/2

http://www.openwall.com/lists/oss-security/2010/11/08/13

http://www.php.net/ChangeLog-5.php

http://www.redhat.com/support/errata/RHSA-2011-0196.html

http://www.securityfocus.com/bid/44727

http://www.ubuntu.com/usn/USN-1042-1

http://www.vupen.com/english/advisories/2011/0020

http://www.vupen.com/english/advisories/2011/0021

http://www.vupen.com/english/advisories/2011/0077

651682

https://bugzilla.redhat.com/show_bug.cgi?id=651682

cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*

cpe:2.3:a:scottmac:libmbfl:1.1.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:scottmac:libmbfl:1.1.0:*:*:*:*:*:*:*

CVE-2010-4156

https://nvd.nist.gov/vuln/detail/CVE-2010-4156

CVE-2010-4156;OSVDB-69099

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/34979.php

RHSA-2011:0196

https://access.redhat.com/errata/RHSA-2011:0196

USN-1042-1

https://usn.ubuntu.com/1042-1/

Data source	Exploit-DB
Date added	Nov. 7, 2010
Description	PHP 5.3.x - 'mb_strcut()' Information Disclosure
Ransomware campaign use	Known
Source publication date	Nov. 7, 2010
Exploit type	remote
Platform	php
Source update date	Oct. 16, 2017

Exploit-DB

Nov. 7, 2010

PHP 5.3.x - 'mb_strcut()' Information Disclosure

Known

Nov. 7, 2010

remote

php

Oct. 16, 2017

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T14:56:56.412661+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4156.json	38.0.0

2026-04-01T14:56:56.412661+00:00

RedHat Importer

Import

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4156.json

38.0.0

Vulnerability ID	VCID-4mr9-qddm-7fdd
Aliases	CVE-2010-4156
Summary	php information disclosure via mb_strcut()
Status	Published
Exploitability	2.0
Weighted Severity	4.5
Risk	9.0
Affected and Fixed Packages	Package Details

Percentile	0.93063
EPSS Score	0.10111
Published At	April 1, 2026, 12:55 p.m.