VYPR

PHP

by PHP

Source repositories

CVEs (731)

  • CVE-2001-0042Feb 16, 2001
    risk 0.04cvss epss 0.09

    PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.

  • CVE-2000-0059Jan 4, 2000
    risk 0.04cvss epss 0.11

    PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.

  • CVE-1999-0068Oct 19, 1997
    risk 0.04cvss epss 0.07

    CGI PHP mylog script allows an attacker to read any file on the target server.

  • CVE-1999-0238Aug 1, 1997
    risk 0.04cvss epss 0.06

    php.cgi allows attackers to read any file on the system.

  • CVE-2015-3329Jun 9, 2015
    risk 0.03cvss epss 0.38

    Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.

  • CVE-2012-5381Oct 11, 2012
    risk 0.03cvss epss 0.01

    Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment…

  • CVE-2012-2335May 11, 2012
    risk 0.03cvss epss 0.33

    php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string…

  • CVE-2008-7002Aug 19, 2009
    risk 0.03cvss epss 0.01

    PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4)…

  • CVE-2009-0754Mar 3, 2009
    risk 0.03cvss epss 0.01

    PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on…

  • CVE-2007-4850Jan 25, 2008
    risk 0.03cvss epss 0.06

    curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563.

  • CVE-2007-6039Nov 20, 2007
    risk 0.03cvss epss 0.01

    PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the msgid1 parameter to the (4)…

  • CVE-2007-5653Oct 23, 2007
    risk 0.03cvss epss 0.05

    The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding…

  • CVE-2007-5447Oct 14, 2007
    risk 0.03cvss epss 0.05

    ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the…

  • CVE-2007-4652Sep 4, 2007
    risk 0.03cvss epss 0.01

    The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

  • CVE-2007-4528Aug 25, 2007
    risk 0.03cvss epss 0.05

    The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. …

  • CVE-2007-4507Aug 23, 2007
    risk 0.03cvss epss 0.06

    Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4)…

  • CVE-2007-4441Aug 21, 2007
    risk 0.03cvss epss 0.02

    Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows context-dependent attackers to execute arbitrary code via a long string in the filename argument to the win_browse_file function.

  • CVE-2007-4010Jul 26, 2007
    risk 0.03cvss epss 0.06

    The win32std extension in PHP 5.2.3 does not follow safe_mode and disable_functions restrictions, which allows remote attackers to execute arbitrary commands via the win_shell_execute function.

  • CVE-2007-3790Jul 15, 2007
    risk 0.03cvss epss 0.03

    The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 allows context-dependent attackers to cause a denial of service via a long argument.

  • CVE-2007-1835Apr 3, 2007
    risk 0.03cvss epss 0.01

    PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions.

Page 20 of 37