7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.089 Low
EPSS
Percentile
93.8%
Your PHP version is affected by quite a few remote arbitrary code execution, remote file renaming, and remote file rewriting bugs that require no authentication and can cause big problems, from performance interruptions and messing with server files to DoS attacks. These are not related to any particular non-default module, but php itself.
Here’s a little list I compiled:
CVE-2015-2301
CVE-2014-9652
CVE-2014-5459
CVE-2014-4698
CVE-2014-4670
CVE-2014-3981