VYPR
Vendor

Phpids

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2011-5021Dec 29, 2011
    risk 0.00cvss epss 0.01

    PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified vectors.

  • CVE-2011-3781Sep 24, 2011
    risk 0.00cvss epss 0.01

    PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/IDS/VersionTest.php and certain other files.

  • CVE-2007-3578Jul 5, 2007
    risk 0.00cvss epss 0.01

    PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script.

  • CVE-2007-3577Jul 5, 2007
    risk 0.00cvss epss 0.01

    PHPIDS before 20070703 does not properly handle use of the substr method in (1) document.location.search and (2) document.referrer; (3) certain use of document.location.hash; (4) certain "window[eval" and similar expressions; (5) certain Function expressions; (6) certain '='…

  • CVE-2007-3579Jul 5, 2007
    risk 0.00cvss epss 0.01

    PHPIDS before 20070703 does not properly handle setting the .text property of a SCRIPT element before its attachment to the DOM, which allows remote attackers to inject arbitrary web script.

  • CVE-2007-3580Jul 5, 2007
    risk 0.00cvss epss 0.01

    PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script.