PHP Security Vulnerabilities

CVE-2008-2565

Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also...

AI Score: 8.4 | EPSS: 0.003 | 2008-06-06 06:32 PM

CVE-2008-2227

Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this...

AI Score: 7 | EPSS: 0.009 | 2008-05-14 06:20 PM

CVE-2008-2177

Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to...

AI Score: 8.5 | EPSS: 0.002 | 2008-05-13 10:20 PM

CVE-2008-2107

The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mt_rand functions...

AI Score: 9.5 | EPSS: 0.016 | 2008-05-07 09:20 PM

CVE-2008-2051

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte...

AI Score: 9.3 | EPSS: 0.02 | 2008-05-05 05:20 PM

CVE-2008-1961

SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments...

AI Score: 8.3 | EPSS: 0.001 | 2008-04-25 07:05 PM

CVE-2008-1918

SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was...

AI Score: 7.9 | EPSS: 0.004 | 2008-04-23 01:05 PM

CVE-2008-1635

Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly...

AI Score: 7.1 | EPSS: 0.023 | 2008-04-02 05:44 PM

CVE-2008-1384

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other...

AI Score: 9.7 | EPSS: 0.016 | 2008-03-27 05:44 PM

CVE-2008-1488

Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long...

AI Score: 7.8 | EPSS: 0.185 | 2008-03-24 11:44 PM

CVE-2008-1162

SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID...

AI Score: 8.5 | EPSS: 0.001 | 2008-03-05 11:44 PM

CVE-2008-1068

Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than...

AI Score: 7.5 | EPSS: 0.013 | 2008-02-28 09:44 PM

CVE-2008-0934

SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg...

AI Score: 8.4 | EPSS: 0.001 | 2008-02-25 06:44 PM

CVE-2008-0922

SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to...

AI Score: 8.4 | EPSS: 0.001 | 2008-02-22 11:44 PM

CVE-2008-0907

SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid...

AI Score: 8.4 | EPSS: 0.001 | 2008-02-22 09:44 PM

CVE-2008-0906

SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle...

AI Score: 8.3 | EPSS: 0.001 | 2008-02-22 09:44 PM

CVE-2008-0469

SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat...

AI Score: 8.3 | EPSS: 0.091 | 2008-01-29 08:00 PM

CVE-2007-4850

curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than...

AI Score: 9.3 | EPSS: 0.012 | 2008-01-25 01:00 AM

CVE-2008-0373

Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to upload and execute arbitrary PHP...

AI Score: 7.5 | EPSS: 0.008 | 2008-01-22 08:00 PM

CVE-2008-0353

SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party...

AI Score: 8.4 | EPSS: 0.002 | 2008-01-18 10:00 PM

CVE-2008-0258

Cross-site scripting (XSS) vulnerability in index.php in PHP Running Management (phpRunMan) before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the message...

AI Score: 5.8 | EPSS: 0.004 | 2008-01-15 08:00 PM

CVE-2008-0219

SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than...

AI Score: 8.3 | EPSS: 0.002 | 2008-01-10 11:46 PM

CVE-2008-0145

Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to...

AI Score: 8.4 | EPSS: 0.01 | 2008-01-08 07:46 PM

CVE-2007-6512

PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to...

AI Score: 6.3 | EPSS: 0.004 | 2007-12-21 10:46 PM

CVE-2007-6462

SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id...

AI Score: 8.5 | EPSS: 0.001 | 2007-12-20 12:46 AM

CVE-2007-6463

Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in PHP Real Estate Classifieds allow remote attackers to inject arbitrary web script or HTML via unspecified "text...

AI Score: 5.9 | EPSS: 0.001 | 2007-12-20 12:46 AM

CVE-2007-6397

Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to (1) create arbitrary files via a .. (dot dot) in the username parameter when registering a user account, and (2) read arbitrary PHP files via a .. (dot dot) in (a) the topic...

AI Score: 7 | EPSS: 0.005 | 2007-12-17 06:46 PM

CVE-2007-6395

Flat PHP Board 1.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials via a direct request for the username php file for any user account in...

AI Score: 6.4 | EPSS: 0.004 | 2007-12-17 06:46 PM

CVE-2007-6398

Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain limited access to an arbitrary user account via the fpb_username...

AI Score: 7.2 | EPSS: 0.003 | 2007-12-17 06:46 PM

CVE-2007-6297

Multiple cross-site scripting (XSS) vulnerabilities in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML via the (1) LIMIT parameter to chat/deluser.php3, the (2) Link parameter to chat/edituser.php3, or the (3) LastCheck or (4) B parameter to chat/users_popupL.php3. ...

AI Score: 5.8 | EPSS: 0.003 | 2007-12-10 06:46 PM

CVE-2007-6177

PHP remote file inclusion vulnerability in Exchange/include.php in PHP_CON 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the webappcfg[APPPATH]...

AI Score: 7.5 | EPSS: 0.072 | 2007-11-30 12:46 AM

CVE-2007-5899

The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a...

AI Score: 8.2 | EPSS: 0.012 | 2007-11-20 07:46 PM

CVE-2007-6039

PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the msgid1 parameter to the (4) dngettext or (5)...

AI Score: 9.5 | EPSS: 0.001 | 2007-11-20 07:46 PM

CVE-2007-5898

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than...

AI Score: 8.6 | EPSS: 0.492 | 2007-11-20 06:46 PM

CVE-2007-5900

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than...

AI Score: 8.9 | EPSS: 0.001 | 2007-11-20 06:46 PM

CVE-2007-5995

PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example...

AI Score: 7.6 | EPSS: 0.02 | 2007-11-15 10:46 PM

CVE-2007-5753

Unspecified vulnerability in Light FMan PHP (lfman or lightfman) before 2.0rc1 has unknown impact and attack vectors related to...

AI Score: 6.6 | EPSS: 0.005 | 2007-10-31 05:46 PM

CVE-2007-5733

Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details...

AI Score: 7.6 | EPSS: 0.011 | 2007-10-30 11:46 PM

CVE-2007-5653

The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control...

AI Score: 9.5 | EPSS: 0.007 | 2007-10-23 09:47 PM

CVE-2003-1401

login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct...

AI Score: 6.5 | EPSS: 0.007 | 2007-10-20 10:00 AM

CVE-2007-5564

Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1 allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags when BBcode is disabled; or the (2) user, (3) email, or (4) Real Name fields in a...

AI Score: 5.8 | EPSS: 0.002 | 2007-10-18 08:17 PM

CVE-2002-2277

SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin...

AI Score: 8.8 | EPSS: 0.002 | 2007-10-18 10:00 AM

CVE-2002-2278

Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq...

AI Score: 6 | EPSS: 0.001 | 2007-10-18 10:00 AM

CVE-2002-2276

Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error...

AI Score: 6.4 | EPSS: 0.004 | 2007-10-18 10:00 AM

CVE-2002-2249

PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3)...

AI Score: 8.1 | EPSS: 0.02 | 2007-10-14 08:00 PM

CVE-2007-5454

Directory traversal vulnerability in index.php in PHP File Sharing System 1.5.1 allows remote attackers to list or create arbitrary directories, or delete arbitrary files, as demonstrated by listing directories via a .. (dot dot) in the cam...

AI Score: 6.8 | EPSS: 0.005 | 2007-10-14 06:17 PM

CVE-2007-5453

Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _options table, which is used in an eval function call by (1) admin.php, (2) click.php, (3) download.php, ...

AI Score: 7.8 | EPSS: 0.006 | 2007-10-14 06:17 PM

CVE-2007-5452

Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t...

AI Score: 8.5 | EPSS: 0.001 | 2007-10-14 06:17 PM

CVE-2007-5447

ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file...

AI Score: 9.7 | EPSS: 0.005 | 2007-10-14 06:17 PM

CVE-2007-5424

The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is...

AI Score: 6.5 | EPSS: 0.004 | 2007-10-12 11:17 PM

Total number of security vulnerabilities: 1262