CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

75 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-3197

Malware in sbrugna...

5CVSS7.3AI score0.00998EPSS

Exploits0References8

Microsoft CVE•added 2025/10/01 11:10 p.m.•4 views

The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

...

5CVSS7AI score0.00998EPSS

Exploits0

RedhatCVE•added 2015/10/30 9:43 a.m.•26 views

CVE-2007-3205

The parsestr function in 1 PHP, 2 Hardened-PHP, and 3 Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the...

5CVSS7.4AI score0.00998EPSS

Exploits0References2

seebug.org•added 2014/07/01 12:0 a.m.•13 views

PHP <= 5.2.1 substr_compare() Information Leak Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•10 views

PHP < 4.4.5 / 5.2.1 WDDX Session Deserialization Information Leak

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•32 views

PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•31 views

PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

PHP < 4.4.5 / 5.2.1 (shmop) SSL RSA Private-Key Disclosure Exploit

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•28 views

PHP <= 4.4.6 / 5.2.1 ext/gd Already Freed Resources Usage Exploit

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•31 views

PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15250/info PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•20 views

PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC

7.1AI score

Exploits0

Tenable Nessus•added 2009/04/23 12:0 a.m.•35 views

CentOS 3 / 4 : php (CESA-2006:0730)

Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The Hardened-PHP Project discovered an...

7.5CVSS6AI score0.41876EPSS

Exploits1References7

Prion•added 2007/06/13 10:30 a.m.•18 views

Input validation

5CVSS7AI score0.00998EPSS

Exploits0References7

NVD•added 2007/06/13 10:30 a.m.•16 views

CVE-2007-3205

5CVSS6.7AI score0.00998EPSS

Exploits0References7

CVE•added 2007/06/13 10:0 a.m.•629 views

CVE-2007-3205

Summary: CVE-2007-3205 affects the parse_str function in PHP, Hardened-PHP, and Suhosin when called without a second parameter. The vulnerability allows a remote attacker to overwrite arbitrary variables by supplying variable names and values in the string to be parsed. The description notes unce...

5CVSS6.7AI score0.00998EPSS

Exploits0References7Affected Software3

Cvelist•added 2007/06/13 10:0 a.m.•51 views

CVE-2007-3205

6.6AI score0.00998EPSS

Exploits0References7

Exploit DB•added 2007/03/29 12:0 a.m.•20 views

PHP 5.2.1 - Multiple functions 'Reference' Information Disclosures

source: https://www.securityfocus.com/bid/23202/info PHP is prone to an information-disclosure vulnerability due to a design error. The vulnerability resides in various functions that accept parameters as references. Successful exploits will allow attackers to obtain sensitive information...

7.4AI score

Exploits0

seebug.org•added 2007/03/28 12:0 a.m.•86 views

PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

7.1AI score

Exploits0

Exploit DB•added 2007/03/27 12:0 a.m.•70 views

PHP 4.4.4 - 'Zip_Entry_Read()' Integer Overflow

source: https://www.securityfocus.com/bid/23169/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a heap-based buffer overflow. Exploiting this issue may allow attackers to execute...

7AI score

Exploits0

Packet Storm•added 2007/03/27 12:0 a.m.•15 views

MOPB-sessionunset.txt

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by