Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.
Max CVSS
7.5
EPSS Score
0.60%
Published
2016-01-19
Updated
2017-11-04
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.
Max CVSS
4.3
EPSS Score
1.34%
Published
2016-05-22
Updated
2018-01-05
The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions.
Max CVSS
5.8
EPSS Score
3.48%
Published
2012-05-24
Updated
2018-01-18
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
Max CVSS
6.4
EPSS Score
5.48%
Published
2011-06-16
Updated
2018-10-30
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.
Max CVSS
7.5
EPSS Score
0.80%
Published
2008-12-17
Updated
2018-10-11
Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function.
Max CVSS
5.0
EPSS Score
0.71%
Published
2008-06-20
Updated
2018-10-11
Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.
Max CVSS
7.5
EPSS Score
1.98%
Published
2007-09-12
Updated
2018-10-15
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.
Max CVSS
7.5
EPSS Score
0.87%
Published
2007-09-04
Updated
2017-07-29
Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
Max CVSS
5.0
EPSS Score
0.38%
Published
2007-04-30
Updated
2017-10-11
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
Max CVSS
2.6
EPSS Score
2.53%
Published
2006-04-10
Updated
2018-10-30
10 vulnerabilities found