Lucene search
K

1132 matches found

Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.68 views

Debian DSA-531-1 : php4 - several vulnerabilities

Two vulnerabilities were discovered in php4 : - CAN-2004-0594 The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during...

6.8CVSS5.8AI score0.54856EPSS
Exploits4References3
securityvulns
securityvulns
added 2004/09/16 12:0 a.m.33 views

[VulnWatch] PHP Vulnerability N. 1

Hi all, This summer i have been playing around with some php issue and got some php vulnerabilities.. Let's go for the first one: ========================================================== Title: phpsuperinfo. Affected: Php = 5.0.1 Not Affected: it seems Php = 4.1.2 Vulnerability Type: Exposure o...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.29 views

CVE-2002-1396

Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code...

7.5AI score0.0365EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.47 views

GLSA-200407-13 : PHP: Multiple security vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200407-13 PHP: Multiple security vulnerabilities Several security vulnerabilities were found and fixed in version 4.3.8 of PHP. The striptags function, used to sanitize user input, could in certain cases allow tags containing \0...

6.8CVSS6.2AI score0.54856EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.10 views

PHP < 4.3.2 Multiple Function Remote Overflows

Binary data 1484.prm...

7.5CVSS7.3AI score0.19002EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.67 views

SUSE-SA:2004:021: php4/mod_php4

The remote host is missing the patch for the advisory SUSE-SA:2004:021 php4/modphp4. PHP is a well known, widely-used scripting language often used within web server setups. Stefan Esser found a problem with the 'memorylimit' handling of PHP which allows remote attackers to execute arbitrary code...

6.8CVSS6AI score0.54856EPSS
Exploits4References2
Gentoo Linux
Gentoo Linux
added 2004/07/15 12:0 a.m.43 views

PHP: Multiple security vulnerabilities

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version of PHP, or can run stand-alone in a CLI. Description Several security vulnerabilities were found and fixed in version 4.3...

6.8CVSS6.9AI score0.54856EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2004/07/15 12:0 a.m.35 views

PHP < 4.3.8 Multiple Vulnerabilities

According to its banner, the version of PHP 4.3.x installed on the remote host is prior to 4.3.7. It is, therefore, potentially affected by a bug that could allow an attacker to execute arbitrary code on the remote host if the option memorylimit is set. Another bug in the function striptags may...

6.8CVSS5.4AI score0.54856EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.30 views

RHEL 2.1 : php (RHSA-2002:214)

PHP versions up to and including 4.2.2 contain vulnerabilities in the mail function, allowing local script authors to bypass safe mode restrictions and possibly allowing remote attackers to insert arbitrary mail headers or content. Updated 13 Jan 2003 Added fixed packages for the Itanium IA64...

7.5CVSS5.9AI score0.0315EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2004/03/27 12:0 a.m.31 views

waraxe-2004-SA012.txt

================================================================================ waraxe-2004-SA012 ================================================================================ Multiple vulnerabilities in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.18 views

CVE-2004-0246

Multiple PHP remote file inclusion vulnerabilities in 1 fonctions.lib.php, 2 dernierscommentaires.php, and 3 admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter...

7.7AI score0.04423EPSS
Exploits1References4
NVD
NVD
added 2004/03/03 5:0 a.m.21 views

CVE-2004-0132

Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using 1 the GLOBALSrootdp parameter to db.php, or 2 the GLOBALSlanguagehome parameter to archivednews.php, and a...

7.5CVSS7.6AI score0.02375EPSS
Exploits0References2
Cvelist
Cvelist
added 2004/02/14 5:0 a.m.22 views

CVE-2004-0132

Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using 1 the GLOBALSrootdp parameter to db.php, or 2 the GLOBALSlanguagehome parameter to archivednews.php, and a...

7.6AI score0.02375EPSS
Exploits0References2
NVD
NVD
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1313

Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager EMLM 1.32 allow remote attackers to execute arbitrary PHP code via a URL in 1 the emmladminpath parameter to admin/auth.php or 2 the emmlpath parameter to emmlemailfunc.php...

7.5CVSS7.7AI score0.06057EPSS
Exploits1References3
NVD
NVD
added 2003/12/31 5:0 a.m.29 views

CVE-2003-1459

Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the 1 template parameter in News.php or 2 installdir parameter in install.php...

6.8CVSS7.7AI score0.07072EPSS
Exploits1References4
NVD
NVD
added 2003/12/31 5:0 a.m.19 views

CVE-2003-1179

Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the includepath parameter in 1 booth.php, 2 png.php, 3 pollssi.php, or 4 popup.php, the 5 basepath parameter to common.inc.php...

7.5CVSS7.7AI score0.04692EPSS
Exploits1References10
securityvulns
securityvulns
added 2003/12/19 12:0 a.m.44 views

Autorank PHP SQL Injection Vulnerabilities

Vendor : JMB Software URL : http://www.jmbsoft.com Version : AutoRank PHP 2.0.4 && Others? Risk : SQL Injection Vulnerability Description: The description as taken from the Autorank website "AutoRank PHP is our next generation toplist software, written completely in PHP and backed by a MySQL...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/12/16 12:0 a.m.17 views

Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/9231/info Multiple vulnerabilities have been identified in the software that include information disclosure, path disclosure, SQL injection, and a plaintext password weakness. Aardvark Topsites PHP version 4.1.0 has been reported to be prone to these issu...

7AI score
Exploits0
NVD
NVD
added 2003/10/25 4:0 a.m.15 views

CVE-2003-1148

Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences phpMyConference 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvcincludedir parameter to 1 config.inc.php or 2...

7.5CVSS7.7AI score0.08603EPSS
Exploits1References8
Cvelist
Cvelist
added 2003/10/15 4:0 a.m.23 views

CVE-2003-0860

Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors...

6.6AI score0.01537EPSS
Exploits0References2
Rows per page
Query Builder