6 matches found
CVE-2006-2563
The cURL library libcurl in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters...
PHP 4.x tempnam() Function open_basedir Restriction Bypass
No description provided by source. source: http://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safe_mode' and 'open_basedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations...
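PHP error_log() Safe Mode Restriction Bypass Vulnerability
BUGTRAQ ID: 18645 CVECAN ID: CVE-2006-3011 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. A safe mode restriction bypass vulnerability exists in PHP's error_log function: PHP5: - -2013-2050--- PHPAPI int phperrorlogint opterr, char message, char opt, char headers TSRMLSDC phpstream stream = NULL; switch opterr case 1: /send an email / if HAVESENDMAIL if...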
CVE-2006-2563
The cURL library libcurl in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters...
CVE-2006-0996
The CVE-2006-0996 issue is a cross-site scripting vulnerability in PHP’s phpinfo output that allows remote attackers to inject script/HTML via long array variables. Publicly disclosed in PHP 5.1.2 and 4.4.2, the flaw arises from inadequate sanitization of long strings, enabling XSS in pages that ...
[Full-disclosure] phpinfo() Cross Site Scripting PHP 5.1.2 and 4.4.2
Source: http://securityreason.com/achievementsecurityalert/34 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpinfo Cross Site Scripting PHP 5.1.2 and 4.4.2 Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 26.2.2006 - -Public: 8.4.2006 from SecurityReason.Com CVE-2006-0996 - ---...