Php

Php

725 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 5.27%
  • Veröffentlicht 13.02.2007 23:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:32

Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash).

  • EPSS 11.69%
  • Veröffentlicht 30.01.2007 17:28:00
  • Zuletzt bearbeitet 16.06.2026 22:35:36

Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded...

Exploit
  • EPSS 1.09%
  • Veröffentlicht 10.12.2006 20:28:00
  • Zuletzt bearbeitet 16.06.2026 22:33:00

PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP v...

  • EPSS 0.33%
  • Veröffentlicht 04.11.2006 01:07:00
  • Zuletzt bearbeitet 16.06.2026 22:31:41

Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local users to bypass open_basedir restrictions and perform unspecified actions via unspecified vectors involving the (1) chdir and (2) tempnam functions. NOTE: the tempnam vector migh...

  • EPSS 7.51%
  • Veröffentlicht 04.11.2006 00:07:00
  • Zuletzt bearbeitet 16.06.2026 22:31:15

Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.

  • EPSS 15.39%
  • Veröffentlicht 10.10.2006 04:06:00
  • Zuletzt bearbeitet 16.06.2026 22:29:50

Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend En...

Exploit
  • EPSS 0.65%
  • Veröffentlicht 10.10.2006 04:06:00
  • Zuletzt bearbeitet 16.06.2026 22:30:40

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before t...

Exploit
  • EPSS 0.91%
  • Veröffentlicht 12.09.2006 16:07:00
  • Zuletzt bearbeitet 16.06.2026 22:29:28

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

  • EPSS 1.45%
  • Veröffentlicht 31.08.2006 21:04:00
  • Zuletzt bearbeitet 16.06.2026 22:29:11

The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_o...

  • EPSS 4.49%
  • Veröffentlicht 31.08.2006 21:04:00
  • Zuletzt bearbeitet 16.06.2026 22:29:11

Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990...