Filtered by vendor Php
Subscribe
Total
733 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-1583 | 1 Php | 1 Php | 2023-12-10 | 6.8 MEDIUM | N/A |
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation. | |||||
CVE-2006-7204 | 1 Php | 1 Php | 2023-12-10 | 2.1 LOW | N/A |
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents. | |||||
CVE-2007-1378 | 1 Php | 1 Php | 2023-12-10 | 5.1 MEDIUM | N/A |
The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments. | |||||
CVE-2007-1376 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource. | |||||
CVE-2007-0909 | 2 Php, Trustix | 2 Php, Secure Linux | 2023-12-10 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function. | |||||
CVE-2007-2748 | 1 Php | 1 Php | 2023-12-10 | 4.3 MEDIUM | N/A |
The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375. | |||||
CVE-2006-6545 | 1 Php | 1 Errordocs | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in includes/common.php in the ErrorDocs 1.0.0 and earlier module for mxBB (mx_errordocs) allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
CVE-2007-1461 | 1 Php | 1 Php | 2023-12-10 | 7.8 HIGH | N/A |
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories. | |||||
CVE-2007-4659 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors. | |||||
CVE-2007-1890 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff. | |||||
CVE-2007-5128 | 2 Boesch-it, Php | 2 Simpnews, Php | 2023-12-10 | 5.0 MEDIUM | N/A |
SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an error message due to an unsupported argument type for the mktime function on Windows. | |||||
CVE-2006-6590 | 1 Php | 1 Ar Memberscript | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the script_folder parameter. | |||||
CVE-2007-1888 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API. | |||||
CVE-2007-1709 | 1 Php | 1 Php | 2023-12-10 | 4.3 MEDIUM | N/A |
Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string. | |||||
CVE-2007-0911 | 1 Php | 1 Php | 2023-12-10 | 7.8 HIGH | N/A |
Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash). | |||||
CVE-2007-4662 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | |||||
CVE-2007-1381 | 1 Php | 1 Php | 2023-12-10 | 7.6 HIGH | N/A |
The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow. | |||||
CVE-2007-3007 | 1 Php | 1 Php | 2023-12-10 | 5.0 MEDIUM | N/A |
PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function. | |||||
CVE-2007-4652 | 1 Php | 1 Php | 2023-12-10 | 4.4 MEDIUM | N/A |
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink. | |||||
CVE-2007-3998 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2023-12-10 | 5.0 MEDIUM | N/A |
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set. |