Filter
AND
PHPPHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() funct…
7.5
First published (updated )
PHPPHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web…
6.4
First published (updated )
PHPphp.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows …
7.8
First published (updated )
PHPThe imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to c…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPArgument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to by…
7.5
First published (updated )
PHPThe mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, w…
First published (updated )
PHPmove_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could…
First published (updated )
PHPPHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers…
First published (updated )
PHPSafe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL dat…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPPHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, whic…
2.1
First published (updated )
PHPInteger signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause …
7.5
First published (updated )
PHPPHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbi…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPThe memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditi…
5.1
First published (updated )
PHPThe exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause …
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPThe apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 fin…
2.1
First published (updated )
PHPThe RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is…
7.5
First published (updated )
PHPUnspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows r…
7.5
First published (updated )
PHPMultiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_bas…
7.5
First published (updated )
PHPThe parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one paramet…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPPHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server ht…
3.6
First published (updated )
PHPPHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PH…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.