Filtered by vendor Php Subscriptions
Filtered by product Php Subscriptions
Total 706 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0058 1 Php 1 Php 2008-09-09 N/A
Buffer overflow in PHP cgi program, php.cgi allows shell access.
CVE-2007-1454 1 Php 1 Php 2008-09-05 N/A
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b.
CVE-2007-1453 1 Php 1 Php 2008-09-05 N/A
Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer.
CVE-2007-1381 1 Php 1 Php 2008-09-05 N/A
The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow.
CVE-2002-2214 1 Php 1 Php 2008-09-05 N/A
The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header.
CVE-2007-1383 1 Php 1 Php 2008-09-05 N/A
Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286.