PHP : Security Vulnerabilities, CVEs, Published In 2000

CVE-2000-0967

PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
Max CVSS
10.0
EPSS Score
34.05%
Published
2000-12-19
Updated
2018-05-03

CVE-2000-0860

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
Max CVSS
5.0
EPSS Score
0.83%
Published
2000-11-14
Updated
2017-10-10

CVE-2000-0059

PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
Max CVSS
10.0
EPSS Score
6.40%
Published
2000-01-04
Updated
2008-09-10
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close