Total
706 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0166 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. | |||||
CVE-2002-0229 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements. | |||||
CVE-2002-2215 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | |||||
CVE-2000-0967 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | |||||
CVE-2003-1303 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. | |||||
CVE-2002-0484 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | |||||
CVE-2002-0985 | 2 Openpkg, Php | 2 Openpkg, Php | 2024-02-28 | 7.5 HIGH | N/A |
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands. | |||||
CVE-1999-0068 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
CGI PHP mylog script allows an attacker to read any file on the target server. | |||||
CVE-2002-0081 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled. | |||||
CVE-2002-1783 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions. | |||||
CVE-2003-0861 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors. | |||||
CVE-2003-0863 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications. | |||||
CVE-2001-1385 | 2 Mandrakesoft, Php | 2 Mandrake Linux, Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts. | |||||
CVE-2004-0594 | 6 Avaya, Debian, Hp and 3 more | 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more | 2024-02-28 | 5.1 MEDIUM | N/A |
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. | |||||
CVE-2003-1302 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | |||||
CVE-2002-1396 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
CVE-2002-0121 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections. | |||||
CVE-2003-0172 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. | |||||
CVE-2004-0958 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. | |||||
CVE-2004-0542 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function. |