PHP 4.4.2
by PHP
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1392 | 0.04 | — | 0.10 | Dec 31, 2004 | PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | |||
| CVE-2006-1608 | 0.03 | — | 0.01 | Apr 10, 2006 | The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI. |
- CVE-2004-1392Dec 31, 2004risk 0.04cvss —epss 0.10
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
- CVE-2006-1608Apr 10, 2006risk 0.03cvss —epss 0.01
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.