24 matches found
CVE-2008-5624
PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...
PHP SAPI 'php_getuid()' ๅฎๅ จๆจกๅผ็ป่ฟๆผๆด
PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to bypass some safe mode restrictions. This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, with the...
Debian Security Advisory DSA 1572-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 1572-1. OpenVAS Vulnerability Test $Id: deb15721.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1572-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2005-3319
The apache2handler SAPI sapiapache2.c in the Apache module modphp for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service segmentation fault via the session.savepath option in a .htaccess file or VirtualHost...