EUVD-2025-204295

due to insufficient sanitazation in Vega’s convert function when safeMode is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitiv...

EUVD-2001-1228

Malware in sbrugna...

CVE-2023-2717

The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation on the 'enablesafemode' function. This makes it possible for unauthenticated attackers to enable safe mode, which disables all other...

PHP SAPI 'php_getuid()' 安全模式绕过漏洞

PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to bypass some safe mode restrictions. This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, with the...

CVE-2002-0229

Safe Mode feature safemode in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements...