Lucene search
GoogleOSV:GHSA-XXV8-PV43-57X5HistoryMay 13, 2022 - 1:28 a.m.
PEAR core file overwrite vulnerability
2022-05-1301:28:45
Google
osv.dev
5
PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite.
References
Related
redhatcve
redhatcve
CVE-2017-5630
2017-02-02 17:45:57
github
github
PEAR core file overwrite vulnerability
2022-05-13 01:28:45
seebug
seebug
PHP PEAR 1.10.1 - arbitrary File Download Vulnerability (CVE-2017-5630)
2017-02-01 00:00:00
zdt
zdt
PHP PEAR 1.10.1 - Arbitrary File Download Vulnerability
2017-01-30 00:00:00
prion
prion
Design/Logic Flaw
2017-02-01 23:59:00
cvelist
cvelist
CVE-2017-5630
2017-02-01 23:00:00
debiancve
debiancve
CVE-2017-5630
2017-02-01 23:59:00
nvd
nvd
CVE-2017-5630
2017-02-01 23:59:00
nessus
nessus
RHEL 5 : php-pear (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : php-pear (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : php-pear (Unpatched Vulnerability)
2024-06-03 00:00:00
exploitpack
exploitpack
PHP PEAR 1.10.1 - Arbitrary File Download
2017-01-30 00:00:00
ubuntucve
ubuntucve
CVE-2017-5630
2017-02-01 00:00:00
packetstorm
packetstorm
PEAR Arbitrary File Download
2017-01-29 00:00:00
cve
cve
CVE-2017-5630
2017-02-01 23:59:00
exploitdb
exploitdb
PHP PEAR 1.10.1 - Arbitrary File Download
2017-01-30 00:00:00