Lucene search
K

4706 matches found

Cvelist
Cvelist
added 2001/01/22 5:0 a.m.27 views

CVE-2000-0860

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables...

6.7AI score0.02745EPSS
Exploits1References6
securityvulns
securityvulns
added 2000/12/07 12:0 a.m.23 views

Security Advisory(CSA-200011)

CHINANSL Security AdvisoryCSA-200011 Topic: PHP AND APACHE Vulnerability Release Dateёє Dec 6, 2000 Affected system: ============ APACHE WEB SERVER 1.3 ЎЎЎЎ- Microsoft Windows NT 4.0 ЎЎЎЎ- Microsoft Windows 2000 Impact: ====== CHINANSL security team has found a security problem in Apache web serv...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/11/28 12:0 a.m.73 views

Security problems with TWIG webmail system

Twig is a popular webmail system written in PHP, once called Muppet. Author: Christopher Heschong Homepage: http://twig.screwdriver.net Version: 2.5.1 latest Problem: The possibility of processing our own php file , can leed to arbitrary command execution on the server as the httpd user. Status:...

0.3AI score
Exploits0
NVD
NVD
added 2000/11/14 5:0 a.m.26 views

CVE-2000-0860

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables...

5CVSS6.7AI score0.02745EPSS
Exploits1References6
Exploit DB
Exploit DB
added 2000/10/12 12:0 a.m.38 views

PHP 3.0/4.0 - Error Logging Format String

// source: https://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The vulnerability exists in the code that handles...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/09/12 12:0 a.m.24 views

Дырка во многих реализациях PHP

Из-за того, что сервер не сбрасывает некоторые переменные, которые могут задаваться пользователем, пользователь может указать временный файл, используемый при загрузке, что позволяет скомпрометировать системные файлы...

0.3AI score
Exploits0References3Affected Software1
Rows per page
Query Builder