Total
706 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1392 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | |||||
CVE-2002-2214 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | |||||
CVE-2000-0860 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | |||||
CVE-1999-0058 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in PHP cgi program, php.cgi allows shell access. | |||||
CVE-2003-0860 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors. | |||||
CVE-2001-1246 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. |