83 matches found
PHP multibyte shell escape flaw
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...
php htmlentities/htmlspecialchars multibyte sequences
The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...
mysql malformed password crasher
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service daemon crash via a malformed password packet in the connection protocol...