PHP : Security Vulnerabilities, CVEs, CVSS score between 3 and 3.99
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
Max CVSS
3.6
EPSS Score
0.06%
Published
2014-09-27
Updated
2021-03-29
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
Max CVSS
3.3
EPSS Score
0.05%
Published
2014-06-08
Updated
2023-01-19
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1072.
Max CVSS
3.3
EPSS Score
0.05%
Published
2011-03-03
Updated
2020-01-23
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Max CVSS
3.3
EPSS Score
0.04%
Published
2011-03-03
Updated
2020-01-23
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
Max CVSS
3.6
EPSS Score
0.06%
Published
2006-09-12
Updated
2018-10-30
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE.
Max CVSS
3.2
EPSS Score
0.09%
Published
2006-03-07
Updated
2018-10-18
6 vulnerabilities found