cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
Max CVSS
5.0
EPSS Score
0.18%
Published
2001-03-12
Updated
2017-10-10
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
Max CVSS
5.0
EPSS Score
0.33%
Published
2001-01-12
Updated
2016-10-18
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Max CVSS
7.5
EPSS Score
0.39%
Published
2002-05-16
Updated
2016-10-18
PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the include directive to fail, and produces an error message that contains the path.
Max CVSS
5.0
EPSS Score
0.63%
Published
2002-05-29
Updated
2016-10-18
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.
Max CVSS
5.0
EPSS Score
1.01%
Published
2002-08-12
Updated
2016-10-18
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Max CVSS
7.5
EPSS Score
1.54%
Published
2002-09-24
Updated
2024-02-13
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Max CVSS
5.0
EPSS Score
2.83%
Published
2002-09-24
Updated
2017-10-10
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
Max CVSS
5.0
EPSS Score
31.26%
Published
2002-12-31
Updated
2017-07-11
The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.
Max CVSS
5.0
EPSS Score
0.20%
Published
2002-12-31
Updated
2008-09-05
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
Max CVSS
7.8
EPSS Score
1.21%
Published
2002-12-31
Updated
2008-09-05
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.
Max CVSS
7.5
EPSS Score
10.97%
Published
2003-04-02
Updated
2018-10-30
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
Max CVSS
4.3
EPSS Score
1.97%
Published
2003-07-24
Updated
2018-05-03
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2003-11-17
Updated
2018-10-30
Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2003-11-17
Updated
2018-10-30
PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function.
Max CVSS
10.0
EPSS Score
92.00%
Published
2004-08-06
Updated
2022-07-01
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
Max CVSS
5.1
EPSS Score
61.34%
Published
2004-07-27
Updated
2024-02-15
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
Max CVSS
6.8
EPSS Score
93.90%
Published
2004-07-27
Updated
2018-10-30
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
Max CVSS
5.0
EPSS Score
3.03%
Published
2004-11-03
Updated
2017-10-11
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-11-03
Updated
2017-10-11
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
Max CVSS
10.0
EPSS Score
0.87%
Published
2005-01-10
Updated
2020-12-08
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
Max CVSS
10.0
EPSS Score
5.32%
Published
2005-01-10
Updated
2018-10-30
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
Max CVSS
10.0
EPSS Score
0.28%
Published
2005-01-10
Updated
2020-12-08
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
Max CVSS
10.0
EPSS Score
0.69%
Published
2005-01-10
Updated
2020-12-08
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
Max CVSS
10.0
EPSS Score
13.41%
Published
2005-01-10
Updated
2018-10-30
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
Max CVSS
5.0
EPSS Score
0.89%
Published
2004-12-31
Updated
2017-10-11
391 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!