Filtered by vendor Php
Subscribe
Total
737 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4023 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner. | |||||
CVE-2005-0596 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size. | |||||
CVE-2006-1549 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected. | |||||
CVE-2006-4485 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read. | |||||
CVE-2005-3883 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument. | |||||
CVE-2006-4483 | 1 Php | 1 Php | 2024-02-28 | 9.3 HIGH | N/A |
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache. | |||||
CVE-2006-0200 | 1 Php | 1 Php | 2024-02-28 | 9.3 HIGH | N/A |
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages. | |||||
CVE-2006-2419 | 1 Php | 1 Directory Listing Script | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||
CVE-2006-2563 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters. | |||||
CVE-2005-3319 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost. | |||||
CVE-2005-1042 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. | |||||
CVE-2005-3054 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. | |||||
CVE-2004-1020 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | |||||
CVE-2005-3389 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected. | |||||
CVE-2004-1063 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2024-02-28 | 10.0 HIGH | N/A |
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | |||||
CVE-2006-4020 | 1 Php | 1 Php | 2024-02-28 | 4.6 MEDIUM | N/A |
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read. | |||||
CVE-2004-1065 | 4 Openpkg, Php, Trustix and 1 more | 4 Openpkg, Php, Secure Linux and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file. | |||||
CVE-2006-1990 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. | |||||
CVE-2006-3011 | 1 Php | 1 Php | 2024-02-28 | 4.6 MEDIUM | N/A |
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode. | |||||
CVE-2005-4154 | 1 Php | 1 Pear | 2024-02-28 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded. |