Filter
AND
AND
PHPThe file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files b…
First published (updated )
PHPThe Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for …
First published (updated )
PHPPHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions …
First published (updated )
PHPThe imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to c…
First published (updated )
PHPThe mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, w…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPmove_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could…
First published (updated )
PHPPHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers…
First published (updated )
PHPPHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbi…
First published (updated )
PHPThe memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditi…
5.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPscanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execu…
4.6
First published (updated )
PHPMultiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 bef…
6.8
First published (updated )
PHPPHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path)…
4.6
First published (updated )
PHPThe mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at th…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPThe resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent atta…
6.8
First published (updated )
PHPThe mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal regis…
6.8
First published (updated )
PHPThe php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.…
First published (updated )
PHPThe ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-depend…
5.1
First published (updated )
PHPThe ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arb…
5.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPBuffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified v…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPThe tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows conte…
First published (updated )
PHPThe posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows co…
6.8
First published (updated )
PHPThe zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allo…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.