Filtered by vendor Php
Subscriptions
Total
737 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-1398 | 1 Php | 1 Php | 2013-10-11 | N/A |
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. | ||||
CVE-2013-4635 | 1 Php | 1 Php | 2013-09-12 | N/A |
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function. | ||||
CVE-2012-3450 | 1 Php | 1 Php | 2013-04-19 | N/A |
pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value. | ||||
CVE-2011-3379 | 1 Php | 1 Php | 2012-07-03 | N/A |
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. | ||||
CVE-2001-1247 | 1 Php | 1 Php | 2012-06-25 | N/A |
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files. | ||||
CVE-2007-1461 | 1 Php | 1 Php | 2011-07-13 | N/A |
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories. | ||||
CVE-2007-1460 | 1 Php | 1 Php | 2011-05-24 | N/A |
The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories. | ||||
CVE-2010-4156 | 2 Php, Scottmac | 2 Php, Libmbfl | 2011-05-04 | N/A |
The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter). | ||||
CVE-2010-2950 | 1 Php | 1 Php | 2011-05-04 | N/A |
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function, leading to errors in the php_stream_wrapper_log_error function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2094. | ||||
CVE-2007-1522 | 1 Php | 1 Php | 2011-03-08 | N/A |
Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an improper environment, leading to code execution when the generator is interrupted, as demonstrated by triggering a memory limit violation or certain PHP errors. | ||||
CVE-2007-1521 | 1 Php | 1 Php | 2011-03-08 | N/A |
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation. | ||||
CVE-2007-1287 | 1 Php | 1 Php | 2011-03-08 | N/A |
A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote attackers to conduct cross-site scripting (XSS) attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3388. | ||||
CVE-2006-2419 | 1 Php | 1 Directory Listing Script | 2011-03-08 | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | ||||
CVE-2006-1559 | 1 Php | 1 Php Script Index | 2011-03-08 | N/A |
SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2006-1558 | 1 Php | 1 Php Script Index | 2011-03-08 | N/A |
Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
CVE-2010-2094 | 1 Php | 1 Php | 2011-01-26 | N/A |
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the (1) phar_stream_flush, (2) phar_wrapper_unlink, (3) phar_parse_url, or (4) phar_wrapper_open_url functions in ext/phar/stream.c; and the (5) phar_wrapper_open_dir function in ext/phar/dirstream.c, which triggers errors in the php_stream_wrapper_log_error function. | ||||
CVE-2010-3065 | 1 Php | 1 Php | 2010-12-10 | N/A |
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name. | ||||
CVE-2010-1128 | 1 Php | 1 Php | 2010-12-10 | N/A |
The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function. | ||||
CVE-2010-0397 | 1 Php | 1 Php | 2010-12-10 | N/A |
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. | ||||
CVE-2010-3064 | 1 Php | 1 Php | 2010-12-07 | N/A |
Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function. |