Vulnerabilities (CVE)

Vendor filter

Php Subscribe

Filter

633 total CVE
CVE Vendors Products Updated CVSS
CVE-2010-0397 1 Php 1 Php 2010-12-10 5.0
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference...
CVE-2010-3064 1 Php 1 Php 2010-12-07 6.8
Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1)...
CVE-2010-3063 1 Php 1 Php 2010-12-07 5.0
The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that...
CVE-2010-3062 1 Php 1 Php 2010-12-07 5.0
mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a...
CVE-2010-2093 1 Php 1 Php 2010-12-07 5.0
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream context structure that is freed before...
CVE-2010-1866 1 Php 1 Php 2010-09-30 7.5
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a...
CVE-2010-1129 1 Php 1 Php 2010-08-31 7.5
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of...
CVE-2010-1868 1 Php 1 Php 2010-05-11 7.5
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL...
CVE-2010-1861 1 Php 1 Php 2010-05-10 6.4
The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function,...
CVE-2009-3559 1 Php 1 Php 2010-04-01 7.5
** DISPUTED ** main/streams/plain_wrapper.c in PHP 5.3.x before 5.3.1 does not recognize the safe_mode_include_dir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that...
CVE-2009-1272 1 Php 1 Php 2009-09-16 5.0
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled...
CVE-2008-7002 1 Php 1 Php 2009-08-19 7.2
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec,...
CVE-2008-5844 1 Php 1 Php 2009-05-14 7.5
PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct...
CVE-2007-0448 1 Php 1 Php 2008-09-11 10.0
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via...
CVE-2002-0121 1 Php 1 Php 2008-09-11 2.1
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
CVE-2001-1246 1 Php 1 Php 2008-09-10 7.5
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2000-0059 1 Php 1 Php 2008-09-10 10.0
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
CVE-1999-0346 1 Php 1 Php Fi 2008-09-09 5.0
CGI PHP mlog script allows an attacker to read any file on the target server.
CVE-1999-0238 1 Php 1 Php 2008-09-09 10.0
php.cgi allows attackers to read any file on the system.
CVE-1999-0068 1 Php 1 Php 2008-09-09 7.5
CGI PHP mylog script allows an attacker to read any file on the target server.