php
756 tracked vulnerabilities.
CVE-2008-2108
CRITICAL
PHP <4.4.8 & <5.2.5 - Info Disclosure
May 07, 2008
CVSS 9.8
EPSS 0.06
CVE-2008-0599
CRITICAL
PHP < 5.2.6 - Remote Code Execution via PATH_TRANSLATED Buffer Overflow
May 05, 2008
CVSS 9.8
EPSS 0.39
CVE-2008-2050
PHP < 5.2.6 - Stack-Based Buffer Overflow in FastCGI SAPI
May 05, 2008
EPSS 0.07
CVE-2008-2051
PHP < 5.2.6 - Command Injection via escapeshellcmd Multibyte Character Handling
May 05, 2008
EPSS 0.06
CVE-2008-1384
PHP < 5.2.5 - Denial of Service via Integer Overflow in printf Width Specifier
Mar 27, 2008
EPSS 0.03
CVE-2008-0373
PHP F1 Max's File Uploader - Unrestricted File Upload
Jan 22, 2008
EPSS 0.01
CVE-2008-0145
PHP < 4.4.8 - Unspecified Vulnerability in glob with open_basedir
Jan 08, 2008
EPSS 0.01
CVE-2007-4850
PHP 5.2.4 and 5.2.5 - Arbitrary File Read via cURL file:// Null Byte Bypass
Jan 25, 2008
EPSS 0.14
CVE-2007-6512
PHP MySQL Banner Exchange 2.2.1 - Info Disclosure
Dec 21, 2007
EPSS 0.00
CVE-2007-5899
PHP < 5.2.4 - Exposure of Sensitive Information via output_add_rewrite_var
Nov 20, 2007
EPSS 0.02
CVE-2007-6039
PHP < 5.2.4 - Denial of Service via Long String in Domain Parameter
Nov 20, 2007
EPSS 0.00
CVE-2007-5898
PHP <5.2.5 - Info Disclosure
Nov 20, 2007
EPSS 0.06
CVE-2007-5900
PHP < 5.2.5 - Local Configuration Bypass via ini_set
Nov 20, 2007
EPSS 0.00
CVE-2007-5653
PHP < 5.2.4 - OS Command Injection via COM Functions
Oct 23, 2007
EPSS 0.03
CVE-2007-5447
ionCube Loader 6.5 for PHP 5.2.4 - Safe Mode and Function Restriction Bypass via ioncube_read_file
Oct 14, 2007
EPSS 0.04
CVE-2007-5424
PHP 4 and 5 - Function Restriction Bypass via Alias
Oct 12, 2007
EPSS 0.00
CVE-2007-5128
SimpNews 2.41.03 - Information Disclosure via link_date Parameter
Sep 27, 2007
EPSS 0.00
CVE-2007-4889
PHP MySQL Extension < 5.2.4 - Safe Mode and Open Basedir Bypass via MySQL LOAD_FILE and INTO OUTFILE Functions
Sep 14, 2007
EPSS 0.01
CVE-2007-4887
PHP < 5.2.4 - Denial of Service via Long String in dl Function Library Parameter
Sep 14, 2007
EPSS 0.02
CVE-2007-4840
PHP < 5.2.4 - Denial of Service via Long String in Iconv Charset Parameter
Sep 12, 2007
EPSS 0.01
CVE-2007-4825
PHP < 5.2.3 - Path Traversal via dl Function
Sep 12, 2007
EPSS 0.00
CVE-2007-4782
PHP < 5.2.3 - Denial of Service via Long String in glob or fnmatch Function
Sep 10, 2007
EPSS 0.03
CVE-2007-4783
PHP < 5.2.4 - Denial of Service via iconv_substr Function
Sep 10, 2007
EPSS 0.01
CVE-2007-4784
PHP < 5.2.3 - Denial of Service via Long Locale Parameter in setlocale
Sep 10, 2007
EPSS 0.01
CVE-2007-4670
PHP < 5.2.3 - Unspecified Vulnerability
Sep 05, 2007
EPSS 0.03
Products
php 723
pear 5
archive_tar 4
frankenphp 2
pearweb 2
php_script_index 2
animated_smiley_generator 1
ar_memberscript 1
blog_cms 1
bloq 1
com_extensions 1
directory_listing_script 1
errordocs 1
ext-http 1
f1_maxs_file_uploader 1
imagick 1
memcached 1
mysql_banner_exchange 1
mysql_extension 1
pear_archive_tar 1
pecl_http 1
php_fi 1
phpsquidpass 1
xhprof 1
xml_rpc 1
Quick Filters