Lucene search
+L

824 matches found

CVE
CVE
added 2002/06/25 4:0 a.m.60 views

CVE-2001-1246

CVE-2001-1246 affects PHP versions 4.0.5–4.1.0 running in safe mode. The fifth parameter to mail() is not properly sanitized, enabling local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. Multiple connected documents (NVD/Nessus advisories) describe th...

7.5CVSS7.7AI score0.08486EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.27 views

CVE-2001-1246

PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters...

7.6AI score0.08486EPSS
Exploits0References7
CVE
CVE
added 2002/06/25 4:0 a.m.65 views

CVE-2001-1247

CVE-2001-1247 affects PHP 4.0.4pl1 and 4.0.5 in safe mode, enabling remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses error_log to access files. Impact: partial confidentiality and integrity exposure via uploaded scripts. Remediation: upgrade...

6.4CVSS7.1AI score0.09383EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.22 views

CVE-2001-1247

PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the errorlog function to access the files...

6.7AI score0.09383EPSS
Exploits1References4
NVD
NVD
added 2002/05/16 4:0 a.m.24 views

CVE-2002-0229

Safe Mode feature safemode in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements...

7.5CVSS7.2AI score0.09249EPSS
Exploits0References7
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.31 views

CVE-2002-0229

Safe Mode feature safemode in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements...

7.2AI score0.09249EPSS
Exploits0References7
CVE
CVE
added 2002/05/03 4:0 a.m.96 views

CVE-2002-0229

CVE-2002-0229 affects PHP 3.0–4.1.0 Safe Mode. The vulnerability lets an attacker with access to the MySQL database bypass Safe Mode restrictions and read arbitrary files via LOAD DATA INFILE LOCAL SQL statements. Documented impact is partial confidentiality/read access. The connected documents c...

7.5CVSS7.2AI score0.09249EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2002/04/23 12:0 a.m.40 views

Obtaining user list in PHP safe mode

Unlimited access to getpw allows to reconstruct full users list...

3.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/04/23 12:0 a.m.35 views

PHP problem

This is not really an advisory, but a warning for sysadmins running webservers with PHP. I noticed that it was possible to rebuild the user database Unix even when safemode prevented from reading /etc/passwd and openbasedir prevented from accessing /etc. The implementation of getpwuid,nam functio...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2002/03/20 12:0 a.m.45 views

Bypassing safe mode in PHP

It's possible to bypass safe mode limitation by using moveuploadedfile call and MySQL library functions to access files of different users...

3.6AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2002/02/05 12:0 a.m.44 views

PHP Safe Mode Filesystem Circumvention Problem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ------------------------------------------------------------------------------ Security Advisory DW020203-PHP Release: 3rd February 2002 PHP Safe Mode Filesystem Circumvention Problem Severity: Medium to high. Affects: PHP, all versions which include...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2002/02/03 12:0 a.m.38 views

PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)

optionsMYSQLIOPTLOCALINFILE, 1; $m-setlocalinfilehandler"r"; $m-query"LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE a.a"; $m-close; ?...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/07/02 12:0 a.m.44 views

PHP Safe Mode mail Function 5th Parameter Arbitrary Command Execution

The remote host is running PHP 4.0.5. There is a flaw in this version of PHP that allows local users to circumvent the safe mode and to gain the UID of the HTTP process. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: Date: Fri, 23 Aug 2002 09:30:40 +0200 CEST From: "Wojciech...

7.5CVSS5.6AI score0.08486EPSS
Exploits0References1
NVD
NVD
added 2001/06/30 4:0 a.m.21 views

CVE-2001-1246

PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters...

7.5CVSS7.6AI score0.08486EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2001/06/30 12:0 a.m.10 views

PT-2001-2378 · Php · Php

Name of the Vulnerable Software and Affected Versions: PHP versions 4.0.5 through 4.1.0 Description: The issue is related to the mail function in PHP, where the 5th parameter is not properly cleansed in safe mode, allowing local users and possibly remote attackers to execute arbitrary commands vi...

7.5CVSS7.5AI score0.08486EPSS
Exploits0References10
securityvulns
securityvulns
added 2001/06/22 12:0 a.m.31 views

bugtraq submission

All versions of the C version of ePerl 2.2 up to current version 2.2.14 http://www.engelschall.com/sw/eperl/ Severity: Low Systems Affected: Unix systems Description: ePerl allows the user to embed perl code specified inside ePerl delimiters in HTML. ePerl has the ability to "safely" include...

7AI score
Exploits0
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.28 views

CVE-2000-0059

PHP3 with safemode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands...

7.2AI score0.10072EPSS
Exploits0References1
exploitpack
exploitpack
added 2000/01/04 12:0 a.m.10 views

PHP 3.0.13 - Safe_mode Failure

PHP 3.0.13 - Safemode Failure source: https://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developer...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2000/01/04 12:0 a.m.34 views

PHP 3.0.13 - 'Safe_mode' Failure

source: https://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generat...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.27 views

foolproof-bypass.txt

FoolProof found to be full of security glitches FoolProof a product by SmartStuff was intentionally programed to stop users from increasing computer maintaince by installing new software, changing the current computer configuration and so on by limiting the functions a user can do. The mentioned...

7.4AI score
Exploits0
Rows per page
Query Builder