SUSE CVE-2006-7204

The imapbody function in PHP before 4.4.4 does not implement safemode or openbasedir checks, which allows local users to read arbitrary files or list arbitrary directory contents...

Fedora 17 : maniadrive-1.2-38.fc17 / php-5.4.1-1.fc17 (2012-6869)

Upstream Security Enhancements : - Fixed bug 54374 Insufficient validating of upload name leading to corrupted $FILES indices. CVE-2012-1172. - Add openbasedir checks to readlinewritehistory and readlinereadhistory. Upstream announce: http://www.php.net/archive/2012.phpid2012-04-26-1 Note that...

CVE-2007-1460

The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or openbasedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories...

USN-375-1: PHP vulnerability

Stefan Esser discovered two buffer overflows in the htmlentities and htmlspecialchars functions. By supplying specially crafted input to PHP applications which process that input with these functions, a remote attacker could potentially exploit this to execute arbitrary code with the privileges o...