PHP 5.4.2 released
PHP 5.4.2 is now available for download.
Fixed PHP-CGI query string parameter vulnerability.(unnoticed for at least 8 years).If you are using Apache mod_cgi to run PHP you may be vulnerable. To see if you are, just add ?-s to the end of any of your URLs. If you see your source code, you are vulnerable. If your site renders normally, you are not.
Download PHP 5.4.2