ReportizFlow
Filtered by vendor Php
Subscriptions
Filtered by product Php
Subscriptions
Total
733 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0484 | 1 Php | 1 Php | 2025-04-03 | N/A |
| move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | ||||
| CVE-2006-3011 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode. | ||||
| CVE-2006-4625 | 1 Php | 1 Php | 2025-04-03 | N/A |
| PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults. | ||||
| CVE-2006-0097 | 1 Php | 1 Php | 2025-04-03 | N/A |
| Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function. | ||||
| CVE-2006-0996 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed. | ||||
| CVE-2006-2563 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters. | ||||
| CVE-2001-0108 | 3 Mandrakesoft, Php, Redhat | 3 Mandrake Linux, Php, Linux | 2025-04-03 | N/A |
| PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | ||||
| CVE-2003-0166 | 1 Php | 1 Php | 2025-04-03 | N/A |
| Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. | ||||
| CVE-2001-1247 | 2 Php, Redhat | 2 Php, Linux | 2025-04-03 | N/A |
| PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files. | ||||
| CVE-2000-0860 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | ||||
| CVE-2006-4481 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017. | ||||
| CVE-2004-1065 | 5 Openpkg, Php, Redhat and 2 more | 5 Openpkg, Php, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file. | ||||
| CVE-2004-1064 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-03 | N/A |
| The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | ||||
| CVE-2006-4486 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2025-04-03 | N/A |
| Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction. | ||||
| CVE-2004-0595 | 4 Avaya, Php, Redhat and 1 more | 11 Converged Communications Server, Integrated Management, S8300 and 8 more | 2025-04-03 | N/A |
| The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. | ||||
| CVE-2003-1303 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. | ||||
| CVE-2006-4483 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache. | ||||
| CVE-2006-2660 | 1 Php | 1 Php | 2025-04-03 | N/A |
| Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. | ||||
| CVE-2002-0121 | 1 Php | 1 Php | 2025-04-03 | N/A |
| PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections. | ||||
| CVE-2002-0253 | 1 Php | 1 Php | 2025-04-03 | N/A |
| PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the include directive to fail, and produces an error message that contains the path. | ||||