php
756 tracked vulnerabilities.
CVE-2003-0863
PHP 4.3.x - Unauthenticated File Include Vulnerability via php_check_safe_mode_include_dir
Nov 17, 2003
EPSS 0.03
CVE-2003-0442
PHP < 4.3.2 - Cross-Site Scripting via PHPSESSID Parameter
Jul 24, 2003
EPSS 0.52
CVE-2003-0166
PHP - Denial of Service and Possible Remote Code Execution via Negative Arguments to socket_recv and socket_recvfrom
Apr 02, 2003
EPSS 0.27
CVE-2003-0172
PHP 4.3.1 - Buffer Overflow in openlog Function
Apr 02, 2003
EPSS 0.22
CVE-2003-0097
PHP 4.3.0 - Arbitrary File Access and PHP Code Execution via CGI Force Redirect Bypass
Mar 03, 2003
EPSS 0.00
CVE-2002-1396
PHP 4.1.2-4.3.0 - Heap-Based Buffer Overflow in wordwrap Function
Jan 17, 2003
EPSS 0.02
CVE-2002-1783
PHP 4.2.1-4.2.3 - CRLF Injection via fopen or file Functions
Dec 31, 2002
EPSS 0.01
CVE-2002-1954
PHP 4.2.3 phpinfo - Cross-Site Scripting
Dec 31, 2002
EPSS 0.03
CVE-2002-2175
phpSquidPass <0.2 - Info Disclosure
Dec 31, 2002
EPSS 0.01
CVE-2002-2214
PHP - Denial of Service via Long IMAP Email Header
Dec 31, 2002
EPSS 0.01
CVE-2002-2215
PHP < 4.3.0 - Denial of Service via IMAP Header with Excessive To Addresses
Dec 31, 2002
EPSS 0.00
CVE-2002-2309
PHP 3.0-4.2.2 - Denial of Service via Direct Request Without Arguments
Dec 31, 2002
EPSS 0.06
CVE-2002-0985
PHP 4.0-4.2.2 - Argument Injection via mail() Function
Sep 24, 2002
EPSS 0.01
CVE-2002-0986
PHP 4.x-4.2.2 - Mail Header Injection via Unfiltered ASCII Control Characters
Sep 24, 2002
EPSS 0.20
CVE-2002-0484
PHP - Unauthenticated Arbitrary File Write via move_uploaded_file
Aug 12, 2002
EPSS 0.06
CVE-2002-0717
PHP 4.2.0-4.2.1 - Denial of Service and Possible Remote Code Execution via Multipart Form Data Handling
Jul 26, 2002
EPSS 0.04
CVE-2002-0253
PHP - Path Disclosure via Include Directive Error Message
May 29, 2002
EPSS 0.01
CVE-2002-0229
PHP 3.0-4.1.0 - Safe Mode Bypass via MySQL LOAD DATA INFILE LOCAL
May 16, 2002
EPSS 0.05
CVE-2002-0121
PHP 4.0-4.1.1 - Session ID Exposure via Temporary File Storage
Mar 25, 2002
EPSS 0.00
CVE-2002-0081
PHP 3.0.x, 4.0.6 and earlier, 4.1.0-4.1.1 - Remote Code Execution via Multipart/Form-Data POST Request
Mar 08, 2002
EPSS 0.52
CVE-2001-1247
PHP 4.0.4pl1 and 4.0.5 - Unauthenticated Arbitrary File Read and Write via error_log Function
Dec 06, 2001
EPSS 0.01
CVE-2001-1246
PHP 4.0.5-4.1.0 - Command Injection via mail() Function 5th Parameter
Jun 30, 2001
EPSS 0.05
CVE-2001-0108
PHP Apache module <4.0.4 - Auth Bypass
Mar 12, 2001
EPSS 0.00
CVE-2001-1385
Apache module for PHP <4.0.5 - Info Disclosure
Jan 12, 2001
EPSS 0.01
CVE-2000-0967
PHP 3 and 4 - Remote Code Execution via Format String Injection
Dec 19, 2000
EPSS 0.27
Products
php 723
pear 5
archive_tar 4
frankenphp 2
pearweb 2
php_script_index 2
animated_smiley_generator 1
ar_memberscript 1
blog_cms 1
bloq 1
com_extensions 1
directory_listing_script 1
errordocs 1
ext-http 1
f1_maxs_file_uploader 1
imagick 1
memcached 1
mysql_banner_exchange 1
mysql_extension 1
pear_archive_tar 1
pecl_http 1
php_fi 1
phpsquidpass 1
xhprof 1
xml_rpc 1
Quick Filters