zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.
Max CVSS
9.3
EPSS Score
5.39%
Published
2006-06-14
Updated
2018-10-30
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
Max CVSS
4.6
EPSS Score
0.07%
Published
2006-06-26
Updated
2017-07-20
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename.
Max CVSS
2.1
EPSS Score
0.05%
Published
2006-06-13
Updated
2018-10-30
3 vulnerabilities found