Vulnerabilities (CVE)

Filtered by vendor Php Subscribe
Total 748 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-4433 1 Php 1 Php 2025-04-03 7.5 HIGH N/A
PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session file. NOTE: it could be argued that this not a vulnerability in PHP itself, rather a design limitation that enables certain attacks against session handlers that do not account for this limitation.
CVE-2004-0594 6 Avaya, Debian, Hp and 3 more 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more 2025-04-03 5.1 MEDIUM N/A
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
CVE-2006-1494 1 Php 1 Php 2025-04-03 2.6 LOW N/A
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
CVE-2003-1303 1 Php 1 Php 2025-04-03 5.0 MEDIUM N/A
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header.
CVE-2002-0229 1 Php 1 Php 2025-04-03 7.5 HIGH N/A
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
CVE-2002-1396 1 Php 1 Php 2025-04-03 7.5 HIGH N/A
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2000-0967 1 Php 1 Php 2025-04-03 10.0 HIGH N/A
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
CVE-2002-1954 1 Php 1 Php 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php.
CVE-2006-1558 1 Php 1 Php Script Index 2025-04-03 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2002-0121 1 Php 1 Php 2025-04-03 2.1 LOW N/A
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
CVE-2001-0108 2 Mandrakesoft, Php 2 Mandrake Linux, Php 2025-04-03 5.0 MEDIUM N/A
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
CVE-2006-1991 1 Php 1 Php 2025-04-03 6.4 MEDIUM N/A
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.
CVE-2004-1065 4 Openpkg, Php, Trustix and 1 more 4 Openpkg, Php, Secure Linux and 1 more 2025-04-03 10.0 HIGH N/A
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
CVE-2002-0081 1 Php 1 Php 2025-04-03 7.5 HIGH N/A
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
CVE-2006-4020 1 Php 1 Php 2025-04-03 4.6 MEDIUM N/A
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read.
CVE-2006-4485 1 Php 1 Php 2025-04-03 10.0 HIGH N/A
The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read.
CVE-2005-3353 1 Php 1 Php 2025-04-03 5.0 MEDIUM N/A
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
CVE-2005-3883 1 Php 1 Php 2025-04-03 5.0 MEDIUM N/A
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
CVE-2003-0860 1 Php 1 Php 2025-04-03 10.0 HIGH N/A
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.
CVE-2003-0863 1 Php 1 Php 2025-04-03 7.5 HIGH N/A
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.