Lucene search
K

262 matches found

RedhatCVE
RedhatCVE
added 2015/10/30 9:27 a.m.20 views

CVE-2007-1710

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

4.3CVSS7.2AI score0.00444EPSS
Exploits0References2
myhack58
myhack58
added 2015/06/27 12:0 a.m.62 views

PHP security issues: a remote overflow, DoS, safe_mode bypass vulnerability-vulnerability warning-the black bar safety net

One, the Web serversecurity PHP actually but is the Web server of a module function, so the first thing to ensure Web Server Security. Of course Web server to be secure and must be first to ensure the system safe, so you pull away, endless. PHP can be and various The Web server binding, also here...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

PHP 4.x tempnam() Function open_basedir Restriction Bypass

No description provided by source. source: http://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safemode' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

PHP 4.x SafeMode Arbitrary File Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit

No description provided by source. ?php ---------------------------------------------------- -----PHP FFI Extension Safemode Bypass Exploit----- ---------------------------------------------------- -Tested on 5.0.5------------------------------------...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

PHP 3-5 Ini_Restore() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19933/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

PHP <= 5.3.1 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38182/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write session files in arbitrary directions. This vulnerability would be an issue in shared-hosting...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

PHP 4.x/5.0/5.1 mb_send_mail() Function Parameter Restriction Bypass

No description provided by source. source: http://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in the 'mbsendmail' function, the 'mail' function, a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

PHP 5.2.5 Multiple Functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31064/info PHP is prone to 'safemodeexecdir' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary code. These vulnerabilities would be an issue in...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

PHP <= 3.0.13 'safe_mode' Failure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

PHP <= 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass

No description provided by source. source: http://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safemode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized locations; other attacks are also possible...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.37 views

Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit

No description provided by source. ?php Name: Nuked-klaN = 1.7.7 and = SP4.4 Multiple Vulnerabilities Exploit Credits: Charles FOL charlesfolathotmail.fr URL: http://real.o-n.fr/ Date: 14/10/2008 Special thanks to Louis for remembering me I had to finish it = VULNERABILITY DETAILS...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.43 views

PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/4026/info PHP's 'safemode' feature may be used to restrict access to certain areas of a filesystem by PHP scripts. However, a problem has been discovered that may allow an attacker to bypass these restrictions to gain...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/11/18 12:0 a.m.78 views

PHP 5.1.x < 5.1.5 Multiple Vulnerabilities

According to its banner, the version of PHP 5.x installed on the remote host is older than 5.1.5. Such versions may be affected by the following vulnerabilities : - The c-client library 2000, 2001, or 2004 for PHP does not check the safemode or openbasedir functions. CVE-2006-1017 - A buffer...

10CVSS8.5AI score0.05073EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2011/11/18 12:0 a.m.165 views

PHP Foreign Function Interface Arbitrary DLL Loading safe_mode Restriction Bypass

According to its banner, the version of PHP installed on the remote host is affected by a security bypass vulnerability. The Foreign Function Interface ffi extension does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary D...

4.3CVSS5.9AI score0.04703EPSS
Exploits0References2
myhack58
myhack58
added 2011/10/26 12:0 a.m.24 views

PHP 5. x COM functions to mention the right vulnerability-vulnerability warning-the black bar safety net

PHP is“hypertext pre-processing language”for Hypertext Preprocessor acronym, is an HTML embedded language. It can be more than the CGI or Perl more rapid implementation of dynamic web pages. PHP has a very powerful function, all of CGI or JavaScript functions, PHP can be achieved, supports almost...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2010/08/20 12:0 a.m.31 views

CVE-2010-2484

The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information memory contents or trigger memory corruption by causing a userspace interruption of an internal function or handler...

5CVSS5.9AI score0.01827EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.16 views

Fedora 11 : maniadrive-1.2-18.fc11 / php-5.2.13-1.fc11 (2010-4114)

This release focuses on improving the stability of the PHP 5.2.x branch with over 40 bug fixes, some of which are security related, including: Fixed safemode validation inside tempnam when the directory path does not does not end with a / Fixed a possible openbasedir/safemode bypass in the sessio...

5.6AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.14 views

Fedora 12 : maniadrive-1.2-21.fc12 / php-5.3.2-1.fc12 (2010-4212)

This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.2: - Improved LCG entropy. Rasmus, Samy Kamkar - Fixed safemode validation inside tempnam when the directory path does not end with a /. Martin Jansen - Fixed a...

5.6AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2010/05/27 10:30 p.m.35 views

CVE-2010-2100

The 1 htmlentities, 2 htmlspecialchars, 3 strgetcsv, 4 httpbuildquery, 5 strpbrk, and 6 strtr functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function,...

5CVSS5.9AI score0.02047EPSS
Exploits5References6
Rows per page
Query Builder