Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.5 views

SUSE CVE-2007-3997

The 1 MySQL and 2 MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safemode and openbasedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE...

7.5CVSS7AI score0.13818EPSS
Exploits7References4
OpenVAS
OpenVAS
added 2011/02/01 12:0 a.m.25 views

PHP 5.3.2 <= 5.3.3 SQLi Vulnerability

PHP is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

6.8CVSS7.8AI score0.01464EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2011/01/18 8:0 p.m.28 views

CVE-2010-4700

The setmagicquotesruntime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqlifetchassoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly...

6.8CVSS5.9AI score0.01464EPSS
Exploits0References1
CVE
CVE
added 2011/01/18 7:0 p.m.103 views

CVE-2010-4700

CVE-2010-4700 concerns PHP 5.3.2/5.3.3: when using the MySQLi extension, set_magic_quotes_runtime does not interact correctly with mysqli_fetch_assoc, potentially enabling context-dependent attackers to perform SQL injection with input that was previously sanitized in earlier PHP versions. Public...

6.8CVSS9.6AI score0.01464EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/03/23 12:0 a.m.52 views

GLSA-200603-22 : PHP: Format string and XSS vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200603-22 PHP: Format string and XSS vulnerabilities Stefan Esser of the Hardened PHP project has reported a few vulnerabilities found in PHP: Input passed to the session ID in the session extension isn't properly sanitised before...

5CVSS5.9AI score0.04348EPSS
Exploits0References5
securityvulns
securityvulns
added 2006/01/13 12:0 a.m.47 views

Multiple PHP extensions vulnerabilities

mysqli extension format string vulnerability, session extension session id HTTP response splitting...

0.5AI score
Exploits0References2Affected Software1
Rows per page
Query Builder