ReportizFlow
Filtered by vendor Php
Subscriptions
Filtered by product Php
Subscriptions
Total
730 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1710 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence. | ||||
| CVE-2007-1701 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Application Stack and 1 more | 2025-04-09 | N/A |
| PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling session_decode on a string beginning with "_SESSION|s:39:". | ||||
| CVE-2007-1584 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string. | ||||
| CVE-2007-1383 | 1 Php | 1 Php | 2025-04-09 | 9.8 Critical |
| Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286. | ||||
| CVE-2009-4142 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-09 | N/A |
| The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. | ||||
| CVE-2007-1583 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2025-04-09 | N/A |
| The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation. | ||||
| CVE-2009-3292 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-09 | N/A |
| Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." | ||||
| CVE-2009-4418 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences. | ||||
| CVE-2007-1381 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow. | ||||
| CVE-2007-1380 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Application Stack and 1 more | 2025-04-09 | N/A |
| The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read. | ||||
| CVE-2007-1376 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource. | ||||
| CVE-2007-1375 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991. | ||||
| CVE-2007-4825 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function. | ||||
| CVE-2007-1582 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources. | ||||
| CVE-2007-1001 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2025-04-09 | N/A |
| Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values. | ||||
| CVE-2007-1521 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation. | ||||
| CVE-2007-1484 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called. | ||||
| CVE-2007-1454 | 1 Php | 1 Php | 2025-04-09 | N/A |
| ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b. | ||||
| CVE-2007-1452 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST. | ||||
| CVE-2007-1411 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions. | ||||