VYPR

PHP

by PHP

Source repositories

CVEs (730)

  • CVE-2007-2509May 9, 2007
    risk 0.00cvss epss 0.02

    CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.

  • CVE-2007-2510May 9, 2007
    risk 0.00cvss epss 0.02

    Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters.

  • CVE-2007-2511May 9, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors.

  • CVE-2007-1900Apr 10, 2007
    risk 0.00cvss epss 0.02

    CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent…

  • CVE-2007-1883Apr 6, 2007
    risk 0.00cvss epss 0.01

    PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which…

  • CVE-2007-1887Apr 6, 2007
    risk 0.00cvss epss 0.05

    Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the…

  • CVE-2007-1889Apr 6, 2007
    risk 0.00cvss epss 0.03

    Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a…

  • CVE-2007-1886Apr 6, 2007
    risk 0.00cvss epss 0.02

    Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."

  • CVE-2007-1885Apr 6, 2007
    risk 0.00cvss epss 0.04

    Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. …

  • CVE-2007-1888Apr 6, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a…

  • CVE-2007-1884Apr 6, 2007
    risk 0.00cvss epss 0.03

    Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function…

  • CVE-2007-1824Apr 2, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character.

  • CVE-2007-1710Mar 27, 2007
    risk 0.00cvss epss 0.00

    The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a…

  • CVE-2007-1461Mar 14, 2007
    risk 0.00cvss epss 0.02

    The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories.

  • CVE-2007-1454Mar 14, 2007
    risk 0.00cvss epss 0.01

    ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace…

  • CVE-2007-1460Mar 14, 2007
    risk 0.00cvss epss 0.02

    The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories.

  • CVE-2007-1396Mar 10, 2007
    risk 0.00cvss epss 0.02

    The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote…

  • CVE-2007-1378Mar 10, 2007
    risk 0.00cvss epss 0.01

    The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments.

  • CVE-2007-1379Mar 10, 2007
    risk 0.00cvss epss 0.02

    The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code.

  • CVE-2007-0988Feb 20, 2007
    risk 0.00cvss epss 0.02

    The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used…

Page 34 of 37